Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
BrianKrebs | | 1Password, A Little Sunshine, AdBlock Plus, Ars Technica, Chainalysis, Data breaches, Karim Toubba, lastpass breach, MetaMask, Nicholas Weaver, Nick Bax, Plex, Taylor Monahan, The Coming Storm, Unciphered, Web Fraud 2.0, Wladimir Palant
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a ...
Why is .US Being Used to Phish So Many of Us?
BrianKrebs | | A Little Sunshine, Coalition for Online Accountability, Dean Marks, GoDaddy, Interisle Consulting Group, National Telecommunications and Information Administration, The Coming Storm, U.S. Department of Commerce, Web Fraud 2.0
Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen ...
U.S. Hacks QakBot, Quietly Removes Botnet Infections
BrianKrebs | | DOJ, Don Alway, FBI, Federal Bureau of Investigation, Latest Warnings, Martin Estrada, Qakbot, Qbot, Ransomware, The Coming Storm, U.S. Department of Justice
The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved ...
Kroll Employee SIM-Swapped for Crypto Investor Data
BrianKrebs | | A Little Sunshine, BlockFi, Data breaches, FTX, Kroll breach, Latest Warnings, SIM swapping, T-Mobile
Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services ...
Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.
BrianKrebs | | Assetnote, Canary Tokens, Cisco Talos, Haroon Meer, Hazel Burton, Ransomware, Security Tools, Shubham Shah, The Coming Storm, Thinkst
In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is ...
Karma Catches Up to Global Phishing Service 16Shop
BrianKrebs | | 16Shop, Akamai, BandungXploiter, Breadcrumbs, Constella Intelligence, Cyberthread.id, Devilscream, FBI, Interpol, mcafee, Ne'er-Do-Well News, Riswanda Noor Supatra, Rizky Mauluna Sidik, Web Fraud 2.0
You've probably never heard of "16Shop," but there's a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious ...
Diligere, Equity-Invest Are New Firms of U.K. Con Man
BrianKrebs | | Ardelis Solutions, Codes2You, Diligere, Equity-Invest, John Bernard, John Clifton Davies, Ne'er-Do-Well News, The Inside Knowledge
John Clifton Davies, a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies ...
Microsoft Patch Tuesday, August 2023 Edition
BrianKrebs | | adobe, CVE-2023-21709, CVE-2023-36884, CVE-2023-36910, CVE-2023-38180, Immersive Labs, Microsoft, Microsoft Patch Tuesday August 2023, Nikolas Cemerikic, Satnam Narang, Security Tools, Tenable, Time to Patch
Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited ...
Meet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’
BrianKrebs | | A Little Sunshine, Arctic Stealer, Breadcrumbs, ChatGPT, Daniel Kelley, DCRat, Google Bard, Hackforums, large language models, LLMs, Rafael Morais, ruiunashackers, The Coming Storm, WormGPT
WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to help write malicious software without all the pesky prohibitions on such activity enforced by ChatGPT and ...
Teach a Man to Phish and He’s Set for Life
BrianKrebs | | A Little Sunshine, Check Point Software, Latest Warnings, linkedin, Microsoft, Microsoft 365, Phishing, right to left override, Web Fraud 2.0
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a ...