BrianKrebs – Page 56 – WindowsTechs.com

Hamas May Be Threat to 8chan, QAnon Online

Posted on January 5, 2021 by BrianKrebs

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard’s business with Hamas. Continue reading Hamas May Be Threat to 8chan, QAnon Online→

Happy 11th Birthday, KrebsOnSecurity!

Posted on December 30, 2020 by BrianKrebs

Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And it’s perhaps fitting that this was also a leap year, piling on an extra […] Continue reading Happy 11th Birthday, KrebsOnSecurity!→

VMware Flaw a Vector in SolarWinds Breach?

Posted on December 18, 2020 by BrianKrebs

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to impersonate authorized users on victim networks. Continue reading VMware Flaw a Vector in SolarWinds Breach?→

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Posted on December 16, 2020 by BrianKrebs

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Continue reading Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’→

SolarWinds Hack Could Affect 18K Customers

Posted on December 15, 2020 by BrianKrebs

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems. Continue reading SolarWinds Hack Could Affect 18K Customers→

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Posted on December 14, 2020 by BrianKrebs

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just the first of many such disclosures. Continue reading U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise→

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Posted on December 10, 2020 by BrianKrebs

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business. Continue reading Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company→

Patch Tuesday, Good Riddance 2020 Edition

Posted on December 8, 2020 by BrianKrebs

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsoft’s most-dire “critical” label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users. Continue reading Patch Tuesday, Good Riddance 2020 Edition→

IRS to Make ID Protection PIN Open to All

Posted on December 4, 2020 by BrianKrebs

The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name. Currently, IP PINs are issued only to those who fill out an ID theft affidavit, or to taxpayers who’ve experienced tax refund fraud in previous years. Continue reading IRS to Make ID Protection PIN Open to All→

Account Hijacking Site OGUsers Hacked, Again

Posted on December 2, 2020 by BrianKrebs

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. Continue reading Account Hijacking Site OGUsers Hacked, Again→