The Dark Nexus Between Harm Groups and ‘The Com’

Credit to Author: BrianKrebs| Date: Fri, 13 Sep 2024 12:16:45 +0000

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Read more

Crooks Steal Phone, SMS Records for Nearly All AT&T Customers

Credit to Author: BrianKrebs| Date: Fri, 12 Jul 2024 18:12:20 +0000

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Read more

Hackers Steal Phone, SMS Records for Nearly All AT&T Customers

Credit to Author: BrianKrebs| Date: Fri, 12 Jul 2024 18:12:20 +0000

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Read more

Law enforcement app SweepWizard leaks data on crime suspects

Categories: News

Tags: Erik McCauley

Tags: SweetWizard

Tags: law enforcement app

Tags: ODIN Intelligence

Tags: Wired

SweepWizard, an app designed to assist law enforcement is causing a bit of trouble, was found inadvertently leaking sweeping data for years.

(Read more…)

The post Law enforcement app SweepWizard leaks data on crime suspects appeared first on Malwarebytes Labs.

Read more

Hacker Charged With Extorting Online Psychotherapy Service

Credit to Author: BrianKrebs| Date: Thu, 03 Nov 2022 14:43:22 +0000

A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius “Zeekill” Kivimaki, a notorious hacker who — at the tender age of 17 — had been convicted of more than 50,000 cybercrimes, including data breaches, payment fraud, operating botnets, and calling in bomb threats.

Read more

The Original APT: Advanced Persistent Teenagers

Credit to Author: BrianKrebs| Date: Wed, 06 Apr 2022 17:55:38 +0000

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.

Read more

Who Owns Your Wireless Service? Crooks Do.

Credit to Author: BrianKrebs| Date: Wed, 07 Aug 2019 22:43:58 +0000

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists. If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. And you’d be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

Read more

Bug Bounty Hunter Ran ISP Doxing Service

Credit to Author: BrianKrebs| Date: Fri, 09 Nov 2018 20:52:01 +0000

A Connecticut man who’s earned “bug bounty” rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that leveraged these same flaws to sell their customers’ personal data, KrebsOnSecurity has learned.

Read more