Krebs on Security

Description:

In-depth security news and investigation

URL:

http://krebsonsecurity.com/

Catalog:

Technology → Security
Tech → Bezpečnost

Publishes:

3.5 items/week

Account Hijacking Forum OGusers Hacked

18.May
Ogusers[.]com -- a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims' phone numbers -- has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 forum users.

Feds Target $100M ‘GozNym’ Cybercrime Network

17.May
Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name.

A Tough Week for IP Address Scammers

16.May
In the early days of the Internet, there was a period when Internet Protocol 4 (IPv4) addresses (e.g. 4.4.4.4) were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out the prized digits. With the value of a single IP hovering between $15-$25, those registries are now fight...

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

14.May
Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a "wormable" flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. The vulnerability (CVE-2019-0709) resides in the "remote desktop services...

Nine Charged in Alleged SIM Swapping Ring

10.May
Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target's phone number and diverting all texts and phone calls to the attacker's mobile device. From there, the attackers simply start requesting passwo...

What’s Behind the Wolters Kluwer Tax Outage?

7.May
Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH, the cloud-based tax division of the global information services firm Wolters Kluwer in the Netherlands. The message was that the same file directories containing new versions of CCH's software were open and writable by any anonymous user, and that there were suspicious files in those di...

Feds Bust Up Dark Web Hub Wall Street Market

3.May
Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world's largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware. Now, at least one former WSM administrator is reportedly...

Credit Union Sues Fintech Giant Fiserv Over Security Claims

3.May
A Pennsylvania credit union is suing financial industry technology giant Fiserv, alleging that "baffling" security vulnerabilities in the company's software are "wreaking havoc" on its customers. The credit union said the investigation that fueled the lawsuit was prompted by a 2018 KrebsOnSecurity report about a glaring security weakness a Fiserv platform that exposed personal and financial det...

Data: E-Retail Hacks More Lucrative Than Ever

1.May
For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incen...

P2P Weakness Exposes Millions of IoT Devices

26.April
A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.
© 2000-2019 ANNECA s.r.o., Klíšská 977/77, 400 01 Ústí nad Labem, Tel: +420 478571021, Email: info@pravednes.cz, Twitter: @pravednes