A Little Sunshine – Page 16

When Your Smart ID Card Reader Comes With Malware

Posted on May 18, 2022 by BrianKrebs

Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. But many government employees aren’t issued an approved card reader device that lets them use these cards at home or remotely, and so turn to low-cost readers they find online. What could go wrong? Here’s one example. Continue reading When Your Smart ID Card Reader Comes With Malware→

DEA Investigating Breach of Law Enforcement Data Portal

Posted on May 12, 2022 by BrianKrebs

The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets. Continue reading DEA Investigating Breach of Law Enforcement Data Portal→

Your Phone May Soon Replace Many of Your Passwords

Posted on May 7, 2022 by BrianKrebs

Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing attacks and ease the overall password burden on Internet users, but caution that a true passwordless future may still be years away for most websites. Continue reading Your Phone May Soon Replace Many of Your Passwords→

Russia to Rent Tech-Savvy Prisoners to Corporate IT?

Posted on May 2, 2022 by BrianKrebs

Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified information technology experts: Forcing tech-savvy people within the nation’s prison population to perform low-cost IT work for domestic companies. Continue reading Russia to Rent Tech-Savvy Prisoners to Corporate IT?→

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Posted on April 27, 2022 by BrianKrebs

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide. Continue reading Fighting Fake EDRs With ‘Credit Ratings’ for Police→

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Posted on April 22, 2022 by BrianKrebs

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion.

LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing. Continue reading Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code→

Conti’s Ransomware Toll on the Healthcare Industry

Posted on April 18, 2022 by BrianKrebs

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name “Ryuk.” Continue reading Conti’s Ransomware Toll on the Healthcare Industry→

RaidForums Gets Raided, Alleged Admin Arrested

Posted on April 12, 2022 by BrianKrebs

The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho, of Portugal — with six criminal counts, including conspiracy, access device fraud and aggravated identity theft. Continue reading RaidForums Gets Raided, Alleged Admin Arrested→

Double-Your-Crypto Scams Share Crypto Scam Host

Posted on April 11, 2022 by BrianKrebs

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. Here’s a closer look at hundreds of phony crypto investment schemes that are all connected through a hosting provider which caters to people running crypto scams. Continue reading Double-Your-Crypto Scams Share Crypto Scam Host→

The Original APT: Advanced Persistent Teenagers

Posted on April 6, 2022 by BrianKrebs

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge. Continue reading The Original APT: Advanced Persistent Teenagers→