T-Mobile – Page 3 – Computer Security Articles

Credit to Author: Pieter Arntz| Date: Wed, 27 Jul 2022 10:32:19 +0000

T-Mobile has proposed to settle its 2021 data breach by paying $350 million, along with an incremental spend of $150 million in security.

The post T-Mobile agrees to pay customers $350 million in settlement over data breach appeared first on Malwarebytes Labs.

Independent Krebs

Fighting Fake EDRs With ‘Credit Ratings’ for Police

April 27, 2022 admin A Little Sunshine, apple, AT&T, Coinbase, discord, emergency data request, FBI, GitHub, google, kodex, LinkedIn, matt donahue, meta, microsoft, snapchat, T-Mobile, The Coming Storm, TikTok, twilio, Twitter, Verizon, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Independent Krebs

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

April 22, 2022 admin A Little Sunshine, amtrak, apple, bitbucket, Breadcrumbs, Dan Goodin, Doxbin, Electronic Arts, emergency data request, everlynn, Flashpoint, genesis, globant, iqor, kt, lapsus$, lapsus$ jobs, michelin, microsoft, Mobile Device Management, mox, Ne'er-Do-Well News, nvidia, recursion team, russian market, Samsung, sascar, SIM swapping, slack, source code theft, SWATting, T-Mobile, t-mobile atlas, whitedoxbin

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

MalwareBytes Security

TrickBot adds new trick to its arsenal: tampering with trusted texts

September 3, 2019 admin 2fa, account takeover fraud, ATO, Authy, C&C, Dell Secureworks, dynamic webinject, dyreza, emotet, Eternal Romance, EternalBlue, EternalChampion, Gold Blackburn, Google Authenticator, hasherezade, point-of-sale, port-out fraud, pos, SIM hijacking, SIM swapping, Sprint, T-Mobile, thetrick, trickbot, trickloader, trickster, Trojan.TrickBot, trojans, two-factor authentication, Verizon Wireless

Credit to Author: Jovi Umawing| Date: Tue, 03 Sep 2019 15:26:01 +0000

TrickBot’s latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.

Categories:

Trojans

Tags: 2fa account takeover fraud ATO Authy C&C Dell Secureworks dynamic webinject dyreza emotet Eternal Romance EternalBlue EternalChampion Gold Blackburn Google Authenticator hasherezade point-of-sale port-out fraud POS SIM hijacking SIM swapping Sprint T-Mobile thetrick trickbot trickloader trickster Trojan.TrickBot two-factor authentication Verizon Wireless

MalwareBytes Security

Maine inches closer to shutting down ISP pay-for-privacy schemes

June 5, 2019 admin ACLU of Maine, AT&T, comcast, Data Privacy, data privacy laws, data privacy legislation, Facebook, google, GWI, internet service provider, ISP, L.D. 946, LD 946, Maine, Maine State Chamber of Commerce, pay-for-privacy, privacy, Ron Wyden, Senator Ron Wyden, Spectrum, Sprint, T-Mobile, Verizon, Wyden

Credit to Author: David Ruiz| Date: Wed, 05 Jun 2019 15:00:00 +0000

Unlike a data privacy proposal in the US and a new data privacy law in California, the Maine data privacy bill aimed at Internet Service Providers (ISPs) explicitly shuts down any pay-for-privacy schemes.

Categories:

Privacy

Tags: ACLU of Maine AT&T comcast Data privacy data privacy laws data privacy legislation facebook Google GWI internet service provider ISP L.D. 946 LD 946 Maine Maine State Chamber of Commerce pay-for-privacy Ron Wyden Senator Ron Wyden Spectrum Sprint T-Mobile Verizon Wyden

MalwareBytes Security

A week in security (February 4 – 8)

February 11, 2019 admin Amazon, apple, AT&T, Australia, bitcoin, bounty hunters, cryptocurrency, cryptography, cybersecurity, Do Not Track, ebooks, Facebook, google, instagram, internet, jeff bezos, John wick, kindle, messenger, safari, secure messaging, Security world, Sprint, T-Mobile, URLs, Week in security, WhatsApp, zcash, Zero-Day

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Feb 2019 17:05:33 +0000

A roundup of security news from February 4 – 8, including Facebook’s secure messaging integration, Google’s changes to URLs, a scam involving the Kindle store and John Wick, and more.

Categories:

Tags: amazon Apple AT&T Australia bitcoin bounty hunters cryptocurrency cryptography cybersecurity Do Not Track ebooks facebook Google Instagram internet Jeff Bezos John wick kindle messenger safari secure messaging Sprint T-Mobile URLs whatsapp Zcash zero day

(Read more…)

The post A week in security (February 4 – 8) appeared first on Malwarebytes Labs.

Independent Krebs

Bug Bounty Hunter Ran ISP Doxing Service

November 9, 2018 admin aoler, Hackforums, Joel Ortiz, Mat Honan, Microsoft Xbox, Ne'er-Do-Well News, O&G, ogusers, Phobia, Phobias, Ryan, Ryan Stevenson, SIM swap, T-Mobile, wired

Credit to Author: BrianKrebs| Date: Fri, 09 Nov 2018 20:52:01 +0000

A Connecticut man who’s earned “bug bounty” rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that leveraged these same flaws to sell their customers’ personal data, KrebsOnSecurity has learned.

Independent Krebs

Busting SIM Swappers and SIM Swap Myths

November 6, 2018 admin A Little Sunshine, Caleb Tuttle, Christian Ferri, Erin West, John Rose, Latest Warnings, REACT Task Force, Samy Tarazi, SIM swap, T-Mobile, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 07 Nov 2018 05:49:37 +0000

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. Snippets from that fascinating conversation are recounted below, and punctuated by accounts from a recent victim who lost more than $100,000 after his mobile phone number was hijacked.