BrianKrebs – Page 71 – WindowsTechs.com

Nuclear Bot Author Arrested in Sextortion Case

Posted on December 17, 2019 by BrianKrebs

Last summer, a wave of sextortion emails began flooding inboxes around the world. The spammers behind this scheme claimed they’d hacked your computer and recorded videos of you watching porn, and promised to release the embarrassing footage to all your contacts unless a bitcoin demand was paid. Now, French authorities say they’ve charged two men they believe are responsible for masterminding this scam. One of them is a 21-year-old hacker interviewed by KrebsOnSecurity in 2017 who openly admitted to authoring a banking trojan called “Nuclear Bot.” Continue reading Nuclear Bot Author Arrested in Sextortion Case→

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Posted on December 17, 2019 by BrianKrebs

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of acquiescing to their tormentors. Continue reading Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up→

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Posted on December 16, 2019 by BrianKrebs

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored the day-to-day communications and activities of the accused and his accomplices. What follows is an insider’s look at the back-end operations of this gang. Continue reading Inside ‘Evil Corp,’ a $100M Cybercrime Menace→

The Great $50M African IP Address Heist

Posted on December 11, 2019 by BrianKrebs

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike. Continue reading The Great $50M African IP Address Heist→

Patch Tuesday, December 2019 Edition

Posted on December 11, 2019 by BrianKrebs

Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks. Continue reading Patch Tuesday, December 2019 Edition→

CISO Magazine Honors KrebsOnSecurity

Posted on December 10, 2019 by BrianKrebs

CISO Magazine, a publication dedicated to covering issues near and dear to corporate chief information security officers everywhere, has graciously awarded this author the designation of “Cybersecurity Person of the Year” in its December 2019 issue. Continue reading CISO Magazine Honors KrebsOnSecurity→

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Posted on December 7, 2019 by BrianKrebs

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned.

Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service. Continue reading Ransomware at Colorado IT Provider Affects 100+ Dental Offices→

Apple Explains Mysterious iPhone 11 Location Requests

Posted on December 5, 2019 by BrianKrebs

KrebsOnSecurity ran a story this week that puzzled over Apple’s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system… Continue reading Apple Explains Mysterious iPhone 11 Location Requests→

The iPhone 11 Pro’s Location Data Puzzler

Posted on December 4, 2019 by BrianKrebs

One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company’s own privacy policy. Continue reading The iPhone 11 Pro’s Location Data Puzzler→

It’s Way Too Easy to Get a .gov Domain Name

Posted on November 27, 2019 by BrianKrebs

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own .gov domain. Continue reading It’s Way Too Easy to Get a .gov Domain Name→