Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](|AS14618) to the bottom mailbox to add to the whitelist


2022-06-29 02:33   The Link Between AWM Proxy & the Glupteba Botnet    #Krebs on Security #安全文章 On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a 14-year-old anonymity service that rents hacked PCs to cyberc

2022-06-22 21:06   Meet the Administrators of the RSOCKS Proxy Botnet    #Krebs on Security #安全文章 Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the "RSOCKS" botnet, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone else's computer. Whil

2022-06-21 01:56   Why Paper Receipts are Money at the Drive-Thru    #Krebs on Security #安全文章 Check out the handmade sign posted to the front door of a shuttered Jimmy John's sandwich chain shop in Missouri last week. See if you can tell from the store owner's message what happened.

2022-06-15 12:52   Microsoft Patch Tuesday, June 2022 Edition    #Krebs on Security #安全文章 Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that's seen active exploitation for at least two months now. On a ligh

2022-06-15 03:53   Ransomware Group Debuts Searchable Victim Data    #Krebs on Security #安全文章 Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally publishe

2022-06-14 08:09   “Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison    #Krebs on Security #安全文章 A 33-year-old Illinois man was sentenced to two years in prison today following his conviction last year for operating services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against hundreds of thousands of Internet users and websites.

2022-06-11 08:04   Adconion Execs Plead Guilty in Federal Anti-Spam Case    #Krebs on Security #安全文章 On the eve of their federal criminal trial for allegedly stealing vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct have agreed to plead guilty to lesser misdemeanor charges of fraud and misrep

2022-06-07 22:58   KrebsOnSecurity in New Netflix Series on Cybercrime    #Krebs on Security #安全文章 Netflix has a new documentary series airing next week -- "Web of Make Believe: Death, Lies & the Internet" -- in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of "swatting" -- wherein fake bomb threats or hostage

2022-06-04 03:33   What Counts as “Good Faith Security Research?”    #Krebs on Security #安全文章 The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging securi

2022-06-01 03:57   Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions    #Krebs on Security #安全文章 Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware g

2022-05-19 00:55   Senators Urge FTC to Probe Over Selfie Data    #Krebs on Security #安全文章 Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company for "deceptive statements" the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Rev

2022-05-18 09:07   When Your Smart ID Card Reader Comes With Malware    #Krebs on Security #安全文章 Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder's appropriate security level. But many government employees

2022-05-12 19:00   DEA Investigating Breach of Law Enforcement Data Portal    #Krebs on Security #安全文章 The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment

2022-05-11 10:34   Microsoft Patch Tuesday, May 2022 Edition    #Krebs on Security #安全文章 Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month's patch batch includes fixes for seven "critical" flaws, as well as a zero-day vulnerability that affects all supported versions of Windows.

2022-05-07 21:31   Your Phone May Soon Replace Many of Your Passwords    #Krebs on Security #安全文章 Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phi