A Little Sunshine – WindowsTechs.com

How Each Pillar of the 1st Amendment is Under Attack

Posted on March 31, 2025 by BrianKrebs

In an address to Congress this month, President Trump claimed he had “brought free speech back to America.” But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists, students, universities, government workers, lawyers and judges.

This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs. Continue reading How Each Pillar of the 1st Amendment is Under Attack→

When Getting Phished Puts You in Mortal Danger

Posted on March 27, 2025 by BrianKrebs

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. Continue reading When Getting Phished Puts You in Mortal Danger→

Arrests in Tap-to-Pay Scheme Powered by Phishing

Posted on March 21, 2025 by BrianKrebs

Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay transactions from mobile devices located in China. Continue reading Arrests in Tap-to-Pay Scheme Powered by Phishing→

DOGE to Fired CISA Staff: Email Us Your Personal Data

Posted on March 20, 2025 by BrianKrebs

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment — presumably with the password needed to view the file included in the body of the email. Continue reading DOGE to Fired CISA Staff: Email Us Your Personal Data→

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Posted on March 8, 2025 by BrianKrebs

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion. Continue reading Feds Link $150M Cyberheist to 2022 LastPass Hacks→

Who is the DOGE and X Technician Branden Spikes?

Posted on March 7, 2025 by BrianKrebs

At 49, Branden Spikes isn’t just one of the oldest technologists who has been involved in Elon Musk’s Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk’s most loyal employees. Here’s a closer look at this trusted Musk lieutenant, whose Russian ex-wife was once married to Elon’s cousin. Continue reading Who is the DOGE and X Technician Branden Spikes?→

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Posted on February 28, 2025 by BrianKrebs

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned. Continue reading Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab→

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

Posted on February 23, 2025 by BrianKrebs

One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world’s richest man to wrest control over their networks and data. Continue reading Trump 2.0 Brings Cuts to Cyber, Consumer Protections→

How Phished Data Turns into Apple & Google Wallets

Posted on February 18, 2025 by BrianKrebs

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. Continue reading How Phished Data Turns into Apple & Google Wallets→

Nearly a Year Later, Mozilla is Still Promoting OneRep

Posted on February 13, 2025 by BrianKrebs

In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership. But nearly a year later, Mozilla is still promoting it to Firefox users. Continue reading Nearly a Year Later, Mozilla is Still Promoting OneRep→