ICSI – WindowsTechs.com

DEA Investigating Breach of Law Enforcement Data Portal

Posted on May 12, 2022 by BrianKrebs

The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets. Continue reading DEA Investigating Breach of Law Enforcement Data Portal→

‘Petya’ Ransomware Outbreak Goes Global

Posted on June 27, 2017 by BrianKrebs

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware appears to be spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain. Continue reading ‘Petya’ Ransomware Outbreak Goes Global→

Fraudsters Exploited Lax Security at Equifax’s TALX Payroll Division

Posted on May 18, 2017 by BrianKrebs

Identity thieves who specialize in tax refund fraud had big help this past tax year from Equifax, one of the nation’s largest consumer data brokers and credit bureaus. The trouble stems from TALX, an Equifax subsidiary that provides online payroll, HR and tax services. Equifax says crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees.

In a boilerplate text sent to several affected customers, Equifax said the unauthorized access to customers’ employee tax records happened between April 17, 2016 and March 29, 2017.

Beyond that, the extent of the fraud perpetrated with the help of hacked TALX accounts is unclear, and Equifax refused requests to say how many consumers or payroll service customers may have been impacted by the authentication weaknesses. Continue reading Fraudsters Exploited Lax Security at Equifax’s TALX Payroll Division→

Carders Park Piles of Cash at Joker’s Stash

Posted on March 21, 2016 by BrianKrebs

A steady stream of card breaches at retailers, restaurants and hotels has flooded underground markets with a historic glut of stolen debit and credit card data. Today there are at least hundreds of sites online selling stolen account data, yet only a handful of them actively court bulk buyers and organized crime rings. Faced with a buyer’s market, these elite shops set themselves apart by focusing on loyalty programs, frequent-buyer discounts, money-back guarantees and just plain old good customer service. Continue reading Carders Park Piles of Cash at Joker’s Stash→

The Lowdown on the Apple-FBI Showdown

Posted on February 22, 2016 by BrianKrebs

Many readers have asked for a primer summarizing the privacy and security issues at stake in the the dispute between Apple and the U.S. Justice Department, which last week convinced a judge in California to order Apple to unlock an iPhone used by one of assailants in the recent San Bernardino massacres. I don’t have much original reporting to contribute on this important debate, but I’m visiting it here because it’s a complex topic that deserves the broadest possible public scrutiny. Continue reading The Lowdown on the Apple-FBI Showdown→

This is Why People Fear the ‘Internet of Things’

Posted on February 18, 2016 by BrianKrebs

Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware. Now imagine that the geek gear you bought doesn’t actually let you block this P2P communication without some serious networking expertise or hardware surgery that few users would attempt. Continue reading This is Why People Fear the ‘Internet of Things’→