Syndicated Blog - Security Boulevard

Syndicated Blog

Krebs on Security
In-depth security news and investigation
Who Is the Network Access Broker ‘Babam’?

Who Is the Network Access Broker ‘Babam’?

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access credentials ...
Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

In January 2021, technology vendor Ubiquiti Inc. [NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company ...
The Internet is Held Together With Spit & Baling Wire

The Internet is Held Together With Spit & Baling Wire

Imagine being able to disconnect or redirect Internet traffic destined for some of the world's largest companies -- just by spoofing an email. This is the nature of a threat vector recently ...
Arrest in ‘Ransom Your Employer’ Email Scheme

Arrest in ‘Ransom Your Employer’ Email Scheme

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer's network, in exchange for a percentage of any ransom amount paid by the victim ...
The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim's funds via Zelle, a "peer-to-peer" (P2P) payment service used by many financial institutions that allows ...
Tech CEO Pleads to Wire Fraud in IP Address Scheme

Tech CEO Pleads to Wire Fraud in IP Address Scheme

The CEO of a South Carolina technology firm has pleaded guilty to 20 counts of wire fraud in connection with an elaborate network of phony companies set up to obtain more than ...
Hoax Email Blast Abused Poor Coding in FBI Website

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an ...
SMS About Bank Fraud as a Pretext for Voice Phishing

SMS About Bank Fraud as a Pretext for Voice Phishing

Most of us have probably heard the term "smishing" -- which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site ...
Microsoft Patch Tuesday, November 2021 Edition

Microsoft Patch Tuesday, November 2021 Edition

Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in ...
REvil Ransom Arrest, $6M Seizure, and $10M Reward

REvil Ransom Arrest, $6M Seizure, and $10M Reward

The U.S. Department of Justice said today it arrested a Ukrainian man who deployed ransomware on behalf of the REvil ransomware gang, a Russian cybercriminal collective that has extorted hundreds of millions ...