The Coming Storm – Page 2 – WindowsTechs.com

Local Networks Go Global When Domain Names Collide

Posted on August 23, 2024 by BrianKrebs

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size of this insidious problem. Continue reading Local Networks Go Global When Domain Names Collide→

National Public Data Published Its Own Passwords

Posted on August 19, 2024 by BrianKrebs

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available for download from its homepage until today. Continue reading National Public Data Published Its Own Passwords→

NationalPublicData.com Hack Exposes a Nation’s Data

Posted on August 15, 2024 by BrianKrebs

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. This post examines what we know about a breach that has exposed hundreds of millions of consumer records. We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor and retired sheriff’s deputy from Florida. Continue reading NationalPublicData.com Hack Exposes a Nation’s Data→

Phish-Friendly Domain Registry “.top” Put on Notice

Posted on July 23, 2024 by BrianKrebs

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.” Continue reading Phish-Friendly Domain Registry “.top” Put on Notice→

‘Operation Endgame’ Hits Malware Delivery Platforms

Posted on May 30, 2024 by BrianKrebs

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot. Continue reading ‘Operation Endgame’ Hits Malware Delivery Platforms→

Why Your Wi-Fi Router Doubles as an Apple AirTag

Posted on May 21, 2024 by BrianKrebs

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops. Continue reading Why Your Wi-Fi Router Doubles as an Apple AirTag→

Why Your VPN May Not Be As Secure As It Claims

Posted on May 6, 2024 by BrianKrebs

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user. Continue reading Why Your VPN May Not Be As Secure As It Claims→

Why CISA is Warning CISOs About a Breach at Sisense

Posted on April 11, 2024 by BrianKrebs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening. Continue reading Why CISA is Warning CISOs About a Breach at Sisense→

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Posted on March 26, 2024 by BrianKrebs

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code. Continue reading Recent ‘MFA Bombing’ Attacks Targeting Apple Users→

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Posted on March 11, 2024 by BrianKrebs

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform. Continue reading Incognito Darknet Market Mass-Extorts Buyers, Sellers→