Krebs on Security

JANUARY 27, 2020

Aleksei Burkov , an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S.

Encryption 218

Encryption Government Access IT 218

Krebs on Security

JANUARY 24, 2020

If you’re running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company’s domain name and doing whatever they wish with it.

Passwords 219

Passwords Encryption Authentication Communications 219

Krebs on Security

JANUARY 14, 2020

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency.

Authentication 256

Authentication Security Access IT 256

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password.

Phishing 264

Phishing Passwords Authentication Access 264

Advertiser: Birst

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

IT

Krebs on Security

JANUARY 22, 2020

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month. Beta versions of iOS 13.3.1

Privacy 220

Privacy IT 220

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network.

Ransomware 250

Ransomware Passwords Authentication Insurance 250

Krebs on Security

JANUARY 28, 2020

In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide.

Sales 162

Sales Retail Encryption Marketing 162

Krebs on Security

JANUARY 13, 2020

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted.

Phishing 226

Phishing Encryption 226

Krebs on Security

NOVEMBER 26, 2019

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards.

Sales 285

Sales Retail Marketing Data breaches 285

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Personal data

Krebs on Security

NOVEMBER 25, 2019

Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I’d never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices.

Sales 285

Sales Encryption Security IT 285

Krebs on Security

NOVEMBER 26, 2019

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a.gov domain versus a commercial one ending in.com or.org.

IT 284

IT Government Phishing Cybersecurity 284

Krebs on Security

NOVEMBER 22, 2019

A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States.

Ransomware 285

Ransomware Data breaches Computer and Electronics Access 285

Krebs on Security

JANUARY 10, 2020

Computer and Electronics 215

Computer and Electronics Cybersecurity IT Security 215

Advertisement

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Krebs on Security

NOVEMBER 7, 2019

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits.

Data breaches 281

Data breaches Ransomware Cybersecurity IT 281

Krebs on Security

NOVEMBER 19, 2019

Ransomware 267

Ransomware Cloud Data breaches Cybersecurity 267

Krebs on Security

JANUARY 20, 2020

A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others. Tucker Preston , 22, of Macon, Ga.,

Systems administration 186

Systems administration IoT IT Security 186

Krebs on Security

NOVEMBER 18, 2019

The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States.

IT 264

IT Government Encryption Communications 264

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Analytics

Krebs on Security

NOVEMBER 11, 2019

Passwords 261

Passwords Retail Encryption Data breaches 261

Krebs on Security

SEPTEMBER 27, 2019

Earlier this month, employees at more than 1,000 companies saw one or two paycheck’s worth of funds deducted from their bank accounts after the CEO of their cloud payroll provider absconded with $35 million in payroll and tax deposits from customers.

Insurance 284

Insurance Financial Services Cloud IT 284

Krebs on Security

JANUARY 9, 2020

Passwords 197

Passwords Communications Blockchain Access 197

Krebs on Security

SEPTEMBER 11, 2019

MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies.

Financial Services 286

Financial Services Cloud Insurance Ransomware 286

Krebs on Security

AUGUST 22, 2019

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states.

Sales 285

Sales Energy and Utilities Retail Encryption 285

Krebs on Security

SEPTEMBER 9, 2019

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned.

IT 276

IT Military Government Access 276

Krebs on Security

OCTOBER 15, 2019

“ BriansClub ,” one of the largest underground stores for buying stolen credit card data, has itself been hacked.

Sales 255

Sales Marketing Retail Data breaches 255

Krebs on Security

AUGUST 27, 2019

Imperva , a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based

Cybersecurity 279

Cybersecurity Passwords Cloud Authentication 279

Krebs on Security

NOVEMBER 20, 2019

A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years.

IT 232

IT 232

Krebs on Security

SEPTEMBER 3, 2019

Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working.

Phishing 274

Phishing IT Security 274

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

Systems administration 236

Systems administration Marketing Sales Passwords 236

Krebs on Security

AUGUST 7, 2019

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary.

Communications 284

Communications Authentication Privacy Sales 284

Krebs on Security

JULY 30, 2019

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms.

Cloud 285

Cloud Mining Insurance Data breaches 285

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process.

Passwords 281

Passwords Risk Authentication Phishing 281

Krebs on Security

JULY 24, 2019

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views.

Government 286

Government IT Security 286

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days.

Ransomware 284

Ransomware Cloud Cybersecurity Encryption 284

Krebs on Security

JULY 22, 2019

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans.

Data breaches 283

Data breaches Sales Cybersecurity IT 283

Krebs on Security

DECEMBER 16, 2019

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up.

Ransomware 202

Ransomware Data breaches Encryption Paper 202

Krebs on Security

AUGUST 12, 2019

The U.S. Securities and Exchange Commissio n (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp.

Insurance 271

Insurance Authentication Access Cybersecurity 271