Hot Topics

Syndicated Blog

Krebs on Security
In-depth security news and investigation
https://krebsonsecurity.com
Phishing Domains Tanked After Meta Sued Freenom

Phishing Domains Tanked After Meta Sued Freenom

| | A Little Sunshine, AWPG Ecrime Exchange, Dave Piscitello, Freenom, Interisle Consulting Group, mastodon, Meta, NameCheap, OpenPhish, phishtank, spamhaus
The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider ...
Krebs on Security
Interview With a Crypto Scam Investment Spammer

Interview With a Crypto Scam Investment Spammer

| | Arkose Labs, Breadcrumbs, Constella Intelligence, DomainTools, [email protected], Lolzteam, mastodon, Mondi Group, moonxtrade, [email protected], Ne'er-Do-Well News, quot.pw, Renaud Chaput, Sergey Proshutinskiy, TGM, Twitter, Web Fraud 2.0, ципа
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series ...
Krebs on Security
Wazawaka responds.

Russian Hacker “Wazawaka” Indicted for Ransomware

| | Babuk ransomware, Boriselcin, HIVE Ransomware, LockBit ransomware, Mikhail Pavolovich Matveev, Ne'er-Do-Well News, Orange, RAMP, Uhodiransomwar, Wazawaka
A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today ...
Krebs on Security
Re-Victimization from Police-Auctioned Cell Phones

Re-Victimization from Police-Auctioned Cell Phones

| | A Little Sunshine, Dave Levin, graykey, Propertyroom.com, University of Maryland
Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to ...
Krebs on Security
Microsoft Patch Tuesday, May 2023 Edition

Microsoft Patch Tuesday, May 2023 Edition

| | Adam Barnett, BlackLotus, CVE-2023-24932, CVE-2023-24941, CVE-2023-28283, CVE-2023-29325, CVE-2023-29336, Immersive Labs, Kevin Breen, rapid7, SANS Internet Storm Center, Time to Patch
Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited ...
Krebs on Security
Feds Take Down 13 More DDoS-for-Hire Services

Feds Take Down 13 More DDoS-for-Hire Services

| | Angel Manuel Colon Jr., booters, Cambridge University Cybercrime Center, Cory Anthony Palmer, DDoS-for-hire, FBI, Jeremiah Sam Evans Miller, John M. Dobbs, Matthew Gatrel, Ne'er-Do-Well News, Richard Clayton, Shamar Shattock, stressers, U.S. Department of Justice
The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are ...
Krebs on Security
$10M Is Yours If You Can Get This Guy to Leave Russia

$10M Is Yours If You Can Get This Guy to Leave Russia

| | 79608229389, A Little Sunshine, Breadcrumbs, Constella Intelligence, Denis Gennadievich Kulkov, Intel 471, Joker's stash, K022YB190, KreenJo, Mazafaka, Ne'er-Do-Well News, Nordex, Nordexin, [email protected], [email protected], Try2Check, U.S. Department of Justice, U.S. Department of State, U.S. Secret Service, Unicc, Vault Market
The U.S. government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check, one of the cybercrime underground's most trusted ...
Krebs on Security
Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

| | Breadcrumbs, Farmer's Market, federaljobscenter.com, Gary Plott, Latest Warnings, Muhammed Tabish Mirza, Nextlevelsupportcenters, Postal Career Placement LLC, Postal Job Services Inc., Postal Operations Inc., Russell Ramage, Ryan Rawls, Smart Logistics, Stephanie Dayton, [email protected], U.S. Federal Trade Commission, United States Postal Service, US Job Services, USPS, USPS jobs
A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal ...
Krebs on Security
Many Public Salesforce Sites are Leaking Private Data

Many Public Salesforce Sites are Leaking Private Data

| | A Little Sunshine, Charan Akiri, DC Health, DC Health Link, Huntington Bank, Latest Warnings, Matthew Jennings, Mike Rupert, Salesforce Community websites, Scott Carbee, TCF Bank, The Coming Storm, Time to Patch, Vermont
A shocking number of organizations -- including banks and healthcare providers -- are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem ...
Krebs on Security
3CX Breach Was a Double Supply Chain Compromise

3CX Breach Was a Double Supply Chain Compromise

| | 3CX, A Little Sunshine, ClearSky Security, Diamond Sleet, double supply chain breach, Elastic Security, ESET, ICONICSTEALER, Kaspersky Lab, kim zetter, Latest Warnings, macos, Mandiant, Marc-Etienne M.Leveille, Microsoft, Ne'er-Do-Well News, Peter Kalnai, supply chain, The Coming Storm, Trading Technologies, X_Trader, zero-day, ZINC
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North ...
Krebs on Security
Load more