The Coming Storm – Page 14 – WindowsTechs.com

The Hidden Cost of Ransomware: Wholesale Password Theft

Posted on January 6, 2020 by BrianKrebs

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients. Continue reading The Hidden Cost of Ransomware: Wholesale Password Theft→

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Posted on December 17, 2019 by BrianKrebs

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of acquiescing to their tormentors. Continue reading Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up→

It’s Way Too Easy to Get a .gov Domain Name

Posted on November 27, 2019 by BrianKrebs

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own .gov domain. Continue reading It’s Way Too Easy to Get a .gov Domain Name→

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Posted on November 26, 2019 by BrianKrebs

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest bat… Continue reading Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains→

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

Posted on November 23, 2019 by BrianKrebs

A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT company’s owner says she fears this incident could soon lead not only to the closure of her business, but also to the untimely demise of some patients. Continue reading 110 Nursing Homes Cut Off from Health Records in Ransomware Attack→

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Posted on November 7, 2019 by BrianKrebs

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes. Continue reading Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks→

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

Posted on November 3, 2019 by BrianKrebs

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse. Continue reading NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm→

Cachet Financial Reeling from MyPayrollHR Fraud

Posted on October 25, 2019 by BrianKrebs

When NY based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payments processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway, graciously eating a $26 million loss which it is now suing to recover. Continue reading Cachet Financial Reeling from MyPayrollHR Fraud→

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Posted on September 2, 2019 by BrianKrebs

Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOn… Continue reading Feds Allege Adconion Employees Hijacked IP Addresses for Spamming→

Phishers are Angling for Your Cloud Providers

Posted on August 30, 2019 by BrianKrebs

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and thei… Continue reading Phishers are Angling for Your Cloud Providers→