A Little Sunshine – Page 11

Who’s Behind the NetWire Remote Access Trojan?

Posted on March 9, 2023 by BrianKrebs

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and location of its owner for the past 11 years. Continue reading Who’s Behind the NetWire Remote Access Trojan?→

Sued by Meta, Freenom Halts Domain Registrations

Posted on March 7, 2023 by BrianKrebs

The domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch registrar was sued by Meta, which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains. Continue reading Sued by Meta, Freenom Halts Domain Registrations→

Highlights from the New U.S. Cybersecurity Strategy

Posted on March 3, 2023 by BrianKrebs

The Biden administration today issued its vision for beefing up the nation’s collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for security. The White House’s new national cybersecurity strategy also envisions a more active role by cloud providers and the U.S. military in disrupting cybercriminal infrastructure, and names China as the single biggest cyber threat to U.S. interests. Continue reading Highlights from the New U.S. Cybersecurity Strategy→

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Posted on February 28, 2023 by BrianKrebs

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. Continue reading Hackers Claim They Breached T-Mobile More Than 100 Times in 2022→

When Low-Tech Hacks Cause High-Impact Breaches

Posted on February 27, 2023 by BrianKrebs

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. Continue reading When Low-Tech Hacks Cause High-Impact Breaches→

Who’s Behind the Botnet-Based Service BHProxies?

Posted on February 24, 2023 by BrianKrebs

A security firm has discovered that a five-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here’s a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service. Continue reading Who’s Behind the Botnet-Based Service BHProxies?→

New Protections for Food Benefits Stolen by Skimmers

Posted on February 17, 2023 by BrianKrebs

Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes. Continue reading New Protections for Food Benefits Stolen by Skimmers→

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Posted on February 9, 2023 by BrianKrebs

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “Trickbot,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. Continue reading U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group→

KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

Posted on February 7, 2023 by BrianKrebs

KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can’t predict what the producers will do with the video interviews we shot, it’s fair to say the series will explore tantalizing new clues as to who may have been responsible for the attack. Continue reading KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach→

Experian Glitch Exposing Credit Files Lasted 47 Days

Posted on January 25, 2023 by BrianKrebs

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between Nov. 9, 2022 and Dec. 26, 2022. Continue reading Experian Glitch Exposing Credit Files Lasted 47 Days→