Other

IndependentKrebs

Ransomware for Dummies: Anyone Can Do It

Credit to Author: BrianKrebs| Date: Thu, 02 Mar 2017 03:14:52 +0000

Among today’s fastest-growing cybercrime epidemics is “ransomware,” malicious software that encrypts all of your computer files, photos, music and documents and then demands payment in Bitcoin to recover access to the files. A big reason for the steep increase in ransomware attacks in recent years comes from the proliferation of point-and-click tools sold in the cybercrime underground that make it stupid simple for anyone to begin extorting others for money.

Read More
IndependentKrebs

More on Bluetooth Ingenico Overlay Skimmers

Credit to Author: BrianKrebs| Date: Mon, 27 Feb 2017 01:54:58 +0000

This blog has featured several stories about “overlay” card and PIN skimmers made to be placed atop Ingenico-brand card readers at store checkout lanes. I’m revisiting the topic again because a security technician at a U.S.-based retailer recently shared a few photos of several of these devices pulled from compromised card terminals, and the images and his story offer a fair bit more detail than in previous articles on Ingenico overlay skimmers.

Read More
IndependentKrebs

iPhone Robbers Try to iPhish Victims

Credit to Author: BrianKrebs| Date: Fri, 24 Feb 2017 21:21:24 +0000

In another strange tale from the kinetic-attack-meets-cyberattack department, earlier this week I heard from a loyal reader in Brazil whose wife was recently mugged by three robbers who nabbed her iPhone. Not long after the husband texted the stolen phone — offering to buy back the locked device — he soon began receiving text messages stating the phone had been found. All he had to do to begin the process of retrieving the device was click the texted link and log in to the phishing page mimicking Apple’s site.

Read More
IndependentKrebs

How to Bury a Major Breach Notification

Credit to Author: BrianKrebs| Date: Tue, 21 Feb 2017 17:44:39 +0000

Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance. The report detailed a malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation’s largest companies. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure. This post is an attempt to remedy that.

Read More
IndependentKrebs

February Updates from Adobe, Microsoft

Credit to Author: BrianKrebs| Date: Sun, 19 Feb 2017 21:09:22 +0000

A handful of readers have inquired as to the whereabouts of Microsoft’s usual monthly patches for Windows and related software. Microsoft opted to delay releasing any updates until next month, even though there is a zero-day vulnerability in Windows going around. However, Adobe did push out updates this week as per usual to fix critical issues in its Flash Player software

Read More
IndependentKrebs

Men Who Sent Swat Team, Heroin to My Home Sentenced

Credit to Author: BrianKrebs| Date: Fri, 17 Feb 2017 19:46:56 +0000

It’s been a remarkable week for cyber justice. On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation.

Read More
IndependentKrebs

Who Ran Leakedsource.com?

Credit to Author: BrianKrebs| Date: Wed, 15 Feb 2017 18:03:06 +0000

Late last month, multiple news outlets reported that unspecified law enforcement officials had seized the servers for Leakedsource.com, perhaps the largest online collection of usernames and passwords leaked or stolen in some of the worst data breaches — including billions of credentials for accounts at top sites like LinkedIn, Myspace, and Yahoo. In a development that may turn out to be deeply ironic, it seems that the real-life identity of Leakedsource’s principal owner may have been exposed by many of the same stolen databases he’s been peddling.

Read More
IndependentKrebs

Fast Food Chain Arby’s Acknowledges Breach


Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of its restaurant locations nationwide.

Read More