The Coming Storm – Computer Security Articles

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

December 19, 2024 admin 0 Comments A Little Sunshine, acunetix, altug sara, altugsara321@gmail.com, araneida scanner, bilitro yazilim, Breadcrumbs, domaintools, FIN7, invicti security, matt sciberras, Ne'er-Do-Well News, neil roseman, ori0nbusiness@protonmail.com, silent push, The Coming Storm, u.s. department of health and human services, zach edwards

Credit to Author: BrianKrebs| Date: Thu, 19 Dec 2024 17:07:30 +0000

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey.

Independent Krebs

Why Phishers Love New TLDs Like .shop, .top and .xyz

December 3, 2024 admin @chenlun, A Little Sunshine, and mobile anti-abuse working group, Anti-Phishing Working Group, coalition against unsolicited commercial email, ICANN, interisle consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, messaging, new gtlds, phishing, spam, The Coming Storm, U.S. Postal Service

Credit to Author: BrianKrebs| Date: Tue, 03 Dec 2024 13:27:31 +0000

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.

Independent Krebs

Hacker in Snowflake Extortions May Be a U.S. Soldier

November 26, 2024 admin A Little Sunshine, AT&T, boxfan, buttholio, connor riley moucka, cyb3rph4nt0m, ddos-for-hire, john erin binns, judische, kiberphant0m, naver, Ne'er-Do-Well News, proman557, ransomware, reverseshell, shi-bot, snowflake, South korea, telekomterrorist, The Coming Storm, vars_secc, Verizon, waifu

Credit to Author: BrianKrebs| Date: Wed, 27 Nov 2024 00:45:48 +0000

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: A careful review of Kiberphant0m’s daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

Independent Krebs

Fintech Giant Finastra Investigating Data Breach

November 19, 2024 admin abyss0, breachforums, data breaches, finastra, ke-la.com, Latest Warnings, Ne'er-Do-Well News, The Coming Storm

Credit to Author: BrianKrebs| Date: Wed, 20 Nov 2024 01:12:15 +0000

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of a potential breach after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.

Independent Krebs

FBI: Spike in Hacked Police Emails, Fake Subpoenas

November 9, 2024 admin A Little Sunshine, emergency data request, fake edr, FBI, kodex, Latest Warnings, matt donahue, pwnstar, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sat, 09 Nov 2024 19:20:26 +0000

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies.

Independent Krebs

Booking.com Phishers May Leave You With Reservations

November 1, 2024 admin A Little Sunshine, booking.com, Latest Warnings, phishing, secureworks, spear phishing, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 01 Nov 2024 21:12:38 +0000

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website.

Independent Krebs

Change Healthcare Breach Hits 100M Americans

October 30, 2024 admin alphv, anthem inc., blackcat, data breaches, Equifax, Experian, hipaa journal, idx, Latest Warnings, ransomhub, sen. mark warner, Sen. Ron Wyden, The Coming Storm, TransUnion, u.s. department of health and human resources, united health group

Credit to Author: BrianKrebs| Date: Wed, 30 Oct 2024 13:34:08 +0000

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information.

Independent Krebs

The Global Surveillance Free-for-All in Mobile Ad Data

October 23, 2024 admin A Little Sunshine, accuweather, adx, android advertising id, app tracking transparency, apple, Associated Press, bid request, br24, daniel's law, Electronic Frontier Foundation, eva galperin, fog reveal, gasbuddy, google, Grindr, identifier for advertisers, judge andrew f. wilkinson judicial security act, justin sherman, justyna maloney, Latest Warnings, macy's, maid, mobile advertising id, MyFitnessPal, netzpolitik.org, scott maloney, Sen. Ron Wyden, silentpush, tangles, The Coming Storm, troutman pepper, U.S. Securities and Exchange Commission, webloc, zach edwards

Credit to Author: BrianKrebs| Date: Wed, 23 Oct 2024 11:30:18 +0000

Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only be in the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites.

← Previous