2023-02-10 04:23   U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group    #Krebs on Security #安全文章 Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Depart

2023-02-08 06:16   KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach    #Krebs on Security #安全文章 KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can't predict what the producers will do with the video interviews we shot, it's fair to say the series will explore tan

2023-02-06 00:14   Finland’s Most-Wanted Hacker Nabbed in France    #Krebs on Security #安全文章 Julius "Zeekill" Kivimäki, a 25-year-old Finnish man charged with extorting a local online psychotherapy practice and leaking therapy notes for more than 22,000 patients online, was arrested this week in France. A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki

2023-01-26 03:58   Experian Glitch Exposing Credit Files Lasted 47 Days    #Krebs on Security #安全文章 On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer's full credit report -- armed with nothing more than a person's name, address, date of birth, and Social Security numb

2023-01-25 03:00   Administrator of RSOCKS Proxy Botnet Pleads Guilty    #Krebs on Security #安全文章 Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was ext

2023-01-20 12:09   New T-Mobile Breach Affects 37 Million Accounts    #Krebs on Security #安全文章 T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37

2023-01-18 10:30   Thinking of Hiring or Running a Booter Service? Think Again.    #Krebs on Security #安全文章 Most people who operate DDoS-for-hire services attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their b

2023-01-11 06:28   Microsoft Patch Tuesday, January 2023 Edition    #Krebs on Security #安全文章 Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Mic

2023-01-09 22:05   Identity Thieves Bypassed Experian Security to View Credit Reports    #Krebs on Security #安全文章 Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financi

2022-12-30 06:35   Happy 12th Birthday, KrebsOnSecurity!    #Krebs on Security #安全文章 KrebsOnSecurity turns 12 years old today. That's a crazy long time for an independent media outlet these days, but then again I'm liable to keep doing this as long as they keep letting me!Thanks to your readership and support, I was able to spend more time in 2022 on in-depth investigative stories -

2022-12-21 04:08   The Equifax Breach Settlement Offer is Real, For Now    #Krebs on Security #安全文章 Millions of people likely just received an email or snail mail notice saying they're eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this p

2022-12-20 09:24   Hacked Ring Cams Used to Record Swatting Victims    #Krebs on Security #安全文章 Two U.S. men have been charged with hacking into the Ring home security cameras of a dozen random people and then "swatting" them -- falsely reporting a violent incident at the target's address to trick local police into responding with force. Prosecutors say the duo used the compromised Ring device

2022-12-15 03:58   Six Charged in Mass Takedown of DDoS-for-Hire Sites    #Krebs on Security #安全文章 The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed knock targets offline. The DOJ also charged si

2022-12-15 01:01   Microsoft Patch Tuesday, December 2022 Edition    #Krebs on Security #安全文章 Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files fr

2022-12-14 07:54   FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked    #Krebs on Security #安全文章 InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum