This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-03T14:11:11+00:00 www.secnews.physaphae.fr Krebs on Security - Chercheur Américain A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.]]> 2024-04-30T13:34:32+00:00 https://krebsonsecurity.com/2024/04/man-who-mass-extorted-psychotherapy-patients-gets-six-years/ www.secnews.physaphae.fr/article.php?IdArticle=8491298 False Legislation None 3.0000000000000000 Krebs on Security - Chercheur Américain The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers\' location information without consent.]]> 2024-04-29T20:56:42+00:00 https://krebsonsecurity.com/2024/04/fcc-fines-major-u-s-wireless-carriers-for-selling-customer-location-data/ www.secnews.physaphae.fr/article.php?IdArticle=8490873 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump\'s Dumps.]]> 2024-04-22T20:07:56+00:00 https://krebsonsecurity.com/2024/04/russian-fsb-counterintelligence-chief-gets-9-years-in-cybercrime-bribery-scheme/ www.secnews.physaphae.fr/article.php?IdArticle=8487009 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state\'s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed.]]> 2024-04-16T11:26:55+00:00 https://krebsonsecurity.com/2024/04/who-stole-3-6m-tax-records-from-south-carolina/ www.secnews.physaphae.fr/article.php?IdArticle=8483396 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock\'s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp\'s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.]]> 2024-04-15T14:51:17+00:00 https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8482811 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.]]> 2024-04-11T20:48:06+00:00 https://krebsonsecurity.com/2024/04/why-cisa-is-warning-cisos-about-a-breach-at-sisense/ www.secnews.physaphae.fr/article.php?IdArticle=8480244 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to redirect to "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links -- such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.]]> 2024-04-10T14:28:17+00:00 https://krebsonsecurity.com/2024/04/twitters-clumsy-pivot-to-x-com-is-a-gift-to-phishers/ www.secnews.physaphae.fr/article.php?IdArticle=8479369 False None FedEx 3.0000000000000000 Krebs on Security - Chercheur Américain If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this month\'s patch batch -- a record 147 flaws in Windows and related software.]]> 2024-04-09T20:28:17+00:00 https://krebsonsecurity.com/2024/04/aprils-patch-tuesday-brings-record-number-of-fixes/ www.secnews.physaphae.fr/article.php?IdArticle=8478904 False Vulnerability None 2.0000000000000000 Krebs on Security - Chercheur Américain A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers.]]> 2024-04-04T14:12:16+00:00 https://krebsonsecurity.com/2024/04/fake-lawsuit-threat-exposes-privnote-phishing-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8475932 False Threat None 2.0000000000000000 Krebs on Security - Chercheur Américain Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called "The Manipulaters," a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities.]]> 2024-04-03T13:16:25+00:00 https://krebsonsecurity.com/2024/04/the-manipulaters-improve-phishing-still-fail-at-opsec/ www.secnews.physaphae.fr/article.php?IdArticle=8475228 False Spam None 3.0000000000000000 Krebs on Security - Chercheur Américain Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient\'s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here\'s the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop.]]> 2024-03-28T23:56:13+00:00 https://krebsonsecurity.com/2024/03/thread-hijacking-phishes-that-prey-on-your-curiosity/ www.secnews.physaphae.fr/article.php?IdArticle=8472289 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple\'s password reset feature. In this scenario, a target\'s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds "Allow" or "Don\'t Allow" to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user\'s account is under attack and that Apple support needs to "verify" a one-time code.]]> 2024-03-26T15:37:54+00:00 https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/ www.secnews.physaphae.fr/article.php?IdArticle=8470817 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep\'s CEO to admit that he has founded dozens of people-search networks over the years.]]> 2024-03-22T19:02:41+00:00 https://krebsonsecurity.com/2024/03/mozilla-drops-onerep-after-ceo-admits-to-running-people-search-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8468635 False None None 1.00000000000000000000 Krebs on Security - Chercheur Américain It\'s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it\'s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities.]]> 2024-03-21T03:18:26+00:00 https://krebsonsecurity.com/2024/03/the-not-so-true-people-search-network-from-china/ www.secnews.physaphae.fr/article.php?IdArticle=8467664 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and Cyprus, and that its founder has launched dozens of people-search services over the years.]]> 2024-03-14T21:13:38+00:00 https://krebsonsecurity.com/2024/03/ceo-of-data-privacy-company-onerep-com-founded-dozens-of-people-search-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8464018 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple\'s new macOS Sonoma addresses at least 68 security weaknesses, and its latest updates for iOS fixes two zero-day flaws.]]> 2024-03-12T20:36:33+00:00 https://krebsonsecurity.com/2024/03/patch-tuesday-march-2024-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8462824 False Vulnerability,Threat None 2.0000000000000000 Krebs on Security - Chercheur Américain Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an "exit scam" that left users unable to withdraw millions of dollars worth of funds from the platform.]]> 2024-03-11T16:19:36+00:00 https://krebsonsecurity.com/2024/03/incognito-darknet-market-mass-extorts-buyers-sellers/ www.secnews.physaphae.fr/article.php?IdArticle=8462209 False Ransomware None 2.0000000000000000 Krebs on Security - Chercheur Américain If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs. It also appears many of their businesses have ties to a California marketing firm that works with a Russian state-run media conglomerate currently sanctioned by the U.S. government.]]> 2024-03-08T13:02:48+00:00 https://krebsonsecurity.com/2024/03/a-close-up-look-at-the-consumer-data-broker-radaris/ www.secnews.physaphae.fr/article.php?IdArticle=8460799 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change\'s network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data that Change reportedly paid the group to destroy. Meanwhile, the affiliate\'s disclosure appears to have prompted BlackCat to cease operations entirely.]]> 2024-03-06T00:22:56+00:00 https://krebsonsecurity.com/2024/03/blackcat-ransomware-group-implodes-after-apparent-22m-ransom-payment-by-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8459581 False Ransomware,Medical None 3.0000000000000000 Krebs on Security - Chercheur Américain The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. Instead, LockBit removed Fulton County\'s listing from its victim shaming website this morning, claiming county officials had paid. But county officials said they did not pay, nor did anyone make payment on their behalf. Security experts say LockBit was likely bluffing and probably lost most of the data when the gang\'s servers were seized this month by U.S. and U.K. law enforcement.]]> 2024-02-29T22:18:54+00:00 https://krebsonsecurity.com/2024/02/fulton-county-security-experts-call-lockbits-bluff/ www.secnews.physaphae.fr/article.php?IdArticle=8457205 False Ransomware None 3.0000000000000000 Krebs on Security - Chercheur Américain Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target\'s account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.]]> 2024-02-28T16:56:43+00:00 https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8456533 False Malware,Conference None 2.0000000000000000 Krebs on Security - Chercheur Américain The FBI\'s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county\'s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents published by the crime gang suggest a total leak of the Fulton County data could put lives at risk and jeopardize a number of other criminal trials.]]> 2024-02-26T02:17:55+00:00 https://krebsonsecurity.com/2024/02/fbis-lockbit-takedown-postponed-a-ticking-time-bomb-in-fulton-county-ga/ www.secnews.physaphae.fr/article.php?IdArticle=8455189 False Ransomware None 2.0000000000000000 Krebs on Security - Chercheur Américain A new data leak that appears to have come from one of China\'s top private cybersecurity firms provides a rare glimpse into the commercial side of China\'s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation\'s burgeoning and highly competitive cybersecurity industry.]]> 2024-02-22T13:27:47+00:00 https://krebsonsecurity.com/2024/02/new-leak-shows-business-side-of-chinas-apt-menace/ www.secnews.physaphae.fr/article.php?IdArticle=8453683 False Commercial None 2.0000000000000000 Krebs on Security - Chercheur Américain U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn\'t pay, LockBit\'s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates.]]> 2024-02-20T17:09:00+00:00 https://krebsonsecurity.com/2024/02/feds-seize-lockbit-ransomware-websites-offer-decryption-tools-troll-affiliates/ www.secnews.physaphae.fr/article.php?IdArticle=8452815 False Ransomware,Tool None 3.0000000000000000 Krebs on Security - Chercheur Américain The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade\'s worth of its internal email -- and that of thousands of Securence clients -- in plain text out on the Internet and just a click away for anyone with a Web browser.]]> 2024-02-14T16:45:46+00:00 https://krebsonsecurity.com/2024/02/u-s-internet-leaked-years-of-internal-customer-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8450064 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.]]> 2024-02-13T22:28:48+00:00 https://krebsonsecurity.com/2024/02/fat-patch-tuesday-february-2024-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8449754 False Vulnerability,Threat None 2.0000000000000000 Krebs on Security - Chercheur Américain Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including the exact devices each customer bought, as well as each device\'s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal.]]> 2024-02-09T15:34:21+00:00 https://krebsonsecurity.com/2024/02/juniper-support-portal-exposed-customer-device-info/ www.secnews.physaphae.fr/article.php?IdArticle=8448411 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum\'s founders was an attorney who advised Russia\'s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user\'s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU, the foreign military intelligence agency of the Russian Federation.]]> 2024-02-07T17:10:18+00:00 https://krebsonsecurity.com/2024/02/from-cybercrime-saul-goodman-to-the-russian-gru/ www.secnews.physaphae.fr/article.php?IdArticle=8447735 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, which had just filed for bankruptcy on that same day.]]> 2024-02-01T18:41:37+00:00 https://krebsonsecurity.com/2024/02/arrests-in-400m-sim-swap-tied-to-heist-at-ftx/ www.secnews.physaphae.fr/article.php?IdArticle=8445667 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.]]> 2024-01-30T19:07:18+00:00 https://krebsonsecurity.com/2024/01/fla-man-charged-in-sim-swapping-spree-is-key-suspect-in-hacker-groups-oktapus-scattered-spider/ www.secnews.physaphae.fr/article.php?IdArticle=8444908 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia\'s most destructive ransomware groups, but little more is shared about the accused. Here\'s a closer look at the activities of Mr. Ermakov\'s alleged hacker handles.]]> 2024-01-26T18:12:09+00:00 https://krebsonsecurity.com/2024/01/who-is-alleged-medibank-hacker-aleksandr-ermakov/ www.secnews.physaphae.fr/article.php?IdArticle=8443498 False Ransomware None 2.0000000000000000 Krebs on Security - Chercheur Américain Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. The malicious ads, which appear above organic search results and often precede links to legitimate sources of the same software, can make searching for software on Google a dicey affair.]]> 2024-01-25T18:38:43+00:00 https://krebsonsecurity.com/2024/01/using-google-search-to-find-software-can-be-risky/ www.secnews.physaphae.fr/article.php?IdArticle=8443085 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain A Canadian man who says he\'s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve "triangulation fraud," which occurs when a consumer purchases something online -- from a seller on Amazon or eBay, for example -- but the seller doesn\'t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam, the unwitting buyer pays the scammer and receives what they ordered, and very often the only party left to dispute the transaction is the owner of the stolen payment card.]]> 2024-01-19T15:34:53+00:00 https://krebsonsecurity.com/2024/01/canadian-man-stuck-in-triangle-of-e-commerce-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8440687 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as "Internet Swiping" and "Million Dollar Criminal" earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But until recently, there wasn\'t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs.]]> 2024-01-17T17:00:40+00:00 https://krebsonsecurity.com/2024/01/e-crime-rapper-punchmade-dev-debuts-card-shop/ www.secnews.physaphae.fr/article.php?IdArticle=8439951 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain en savoir plus & # 187;

---

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be first in which a federal court has recognized the… Read More »]]> 2024-01-10T13:39:37+00:00 https://krebsonsecurity.com/2024/01/heres-some-bitcoin-oh-and-youve-been-served/ www.secnews.physaphae.fr/article.php?IdArticle=8437520 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a fascinating and untold backstory behind the two Russian men involved, who co-ran Russia\'s most popular spam forum for years.]]> 2024-01-08T17:57:55+00:00 https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ www.secnews.physaphae.fr/article.php?IdArticle=8436731 False Spam None 4.0000000000000000 Krebs on Security - Chercheur Américain KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn\'t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.]]> 2023-12-29T22:16:27+00:00 https://krebsonsecurity.com/2023/12/happy-14th-birthday-krebsonsecurity/ www.secnews.physaphae.fr/article.php?IdArticle=8430986 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world\'s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang\'s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly "unseizing" its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.]]> 2023-12-19T22:49:43+00:00 https://krebsonsecurity.com/2023/12/blackcat-ransomware-raises-ante-after-fbi-disruption/ www.secnews.physaphae.fr/article.php?IdArticle=8425714 False Ransomware,Tool None 2.0000000000000000 Krebs on Security - Chercheur Américain On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included the text string "Rescator," which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. Ten years later, KrebsOnSecurity has uncovered new clues about the real-life identity of Rescator.]]> 2023-12-14T17:51:39+00:00 https://krebsonsecurity.com/2023/12/ten-years-later-new-clues-in-the-target-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8422760 False Malware None 4.0000000000000000 Krebs on Security - Chercheur Américain The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known "zero-day" threats targeting any of the vulnerabilities in December\'s patch batch. Still, four of the updates pushed out today address "critical" vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users.]]> 2023-12-12T22:21:00+00:00 https://krebsonsecurity.com/2023/12/microsoft-patch-tuesday-december-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8421739 False Malware,Vulnerability None 2.0000000000000000 Krebs on Security - Chercheur Américain More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement and others to request the information directly from registrars.]]> 2023-12-06T15:51:58+00:00 https://krebsonsecurity.com/2023/12/icann-launches-service-to-help-with-whois-lookups/ www.secnews.physaphae.fr/article.php?IdArticle=8419595 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised that impact statement, saying the attackers also stole the name and email address for nearly all of its customer support users.]]> 2023-11-29T19:41:14+00:00 https://krebsonsecurity.com/2023/11/okta-breach-affected-all-customer-support-users/ www.secnews.physaphae.fr/article.php?IdArticle=8417880 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain One of the cybercrime underground\'s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned.]]> 2023-11-28T15:57:38+00:00 https://krebsonsecurity.com/2023/11/id-theft-service-resold-access-to-usinfosearch-data/ www.secnews.physaphae.fr/article.php?IdArticle=8417542 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.]]> 2023-11-16T19:59:14+00:00 https://krebsonsecurity.com/2023/11/alleged-extortioner-of-psychotherapy-patients-faces-trial/ www.secnews.physaphae.fr/article.php?IdArticle=8413037 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three "zero day" vulnerabilities that Microsoft warns are already being exploited in active attacks.]]> 2023-11-14T23:00:59+00:00 https://krebsonsecurity.com/2023/11/microsoft-patch-tuesday-november-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8412108 False Vulnerability None 2.0000000000000000 Krebs on Security - Chercheur Américain In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hijacked, and the only way I could recover access was by recreating the account.]]> 2023-11-11T17:59:07+00:00 https://krebsonsecurity.com/2023/11/its-still-easy-for-anyone-to-become-you-at-experian/ www.secnews.physaphae.fr/article.php?IdArticle=8409788 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today\'s Part II, we\'ll examine clues about the real-life identity left behind by "Fearless," the nickname chosen by the proprietor of the SWAT USA Drops service.]]> 2023-11-06T13:51:31+00:00 https://krebsonsecurity.com/2023/11/whos-behind-the-swat-usa-reshipping-service/ www.secnews.physaphae.fr/article.php?IdArticle=8406631 False None None 4.0000000000000000 Krebs on Security - Chercheur Américain One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here\'s a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across the United States who are knowingly or unwittingly involved in reshipping expensive consumer goods purchased with stolen credit cards.]]> 2023-11-02T19:55:34+00:00 https://krebsonsecurity.com/2023/11/russian-reshipping-service-swat-usa-drop-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8404886 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The top-level domain for the United States -- .US -- is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified .US domains as among the most prevalent in phishing attacks over the past year.]]> 2023-10-31T13:26:55+00:00 https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/ www.secnews.physaphae.fr/article.php?IdArticle=8403504 False Malware None 3.0000000000000000 Krebs on Security - Chercheur Américain A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 story here about the emergence of "violence-as-a-service" offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, "bricking" windows, slashing tires, or performing a drive-by shooting at someone\'s residence.]]> 2023-10-23T13:08:27+00:00 https://krebsonsecurity.com/2023/10/nj-man-hired-online-to-firebomb-shoot-at-homes-gets-13-years-in-prison/ www.secnews.physaphae.fr/article.php?IdArticle=8399300 False Legislation None 3.0000000000000000 Krebs on Security - Chercheur Américain Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a "very small number" of customers, however it appears the hackers responsible had access to Okta\'s support platform for at least two weeks before the company fully contained the intrusion.]]> 2023-10-20T18:39:23+00:00 https://krebsonsecurity.com/2023/10/hackers-stole-access-tokens-from-oktas-support-unit/ www.secnews.physaphae.fr/article.php?IdArticle=8398349 False Tool None 3.0000000000000000 Krebs on Security - Chercheur Américain One of the oldest malware tricks in the book -- hacked websites claiming visitors need to update their Web browser before they can view any content -- has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.]]> 2023-10-18T14:03:28+00:00 https://krebsonsecurity.com/2023/10/the-fake-browser-update-scam-gets-a-makeover/ www.secnews.physaphae.fr/article.php?IdArticle=8397261 False Malware None 2.0000000000000000 Krebs on Security - Chercheur Américain Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan\'s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Caribbean.]]> 2023-10-17T16:23:25+00:00 https://krebsonsecurity.com/2023/10/tech-ceo-sentenced-to-5-years-in-ip-address-scheme/ www.secnews.physaphae.fr/article.php?IdArticle=8396796 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS.]]> 2023-10-10T22:51:31+00:00 https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8394127 False Vulnerability None 3.0000000000000000 Krebs on Security - Chercheur Américain Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here\'s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries worldwide.]]> 2023-10-09T20:39:43+00:00 https://krebsonsecurity.com/2023/10/phishers-spoof-usps-12-other-natl-postal-services/ www.secnews.physaphae.fr/article.php?IdArticle=8393379 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Many organizations - including quite a few Fortune 500 firms - have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization\'s employees, customers or partners to phishing and other social engineering attacks.]]> 2023-10-02T15:43:34+00:00 https://krebsonsecurity.com/2023/10/dont-let-zombie-zoom-links-drag-you-down/ www.secnews.physaphae.fr/article.php?IdArticle=8390545 False Conference None 2.0000000000000000 Krebs on Security - Chercheur Américain Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang\'s internal operations. Today, we\'ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.]]> 2023-09-30T19:47:57+00:00 https://krebsonsecurity.com/2023/09/a-closer-look-at-the-snatch-data-ransom-group/ www.secnews.physaphae.fr/article.php?IdArticle=8389935 False Ransomware None 3.0000000000000000 Krebs on Security - Chercheur Américain The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.]]> 2023-09-27T11:48:37+00:00 https://krebsonsecurity.com/2023/09/snatch-ransom-group-exposes-visitor-ip-addresses/ www.secnews.physaphae.fr/article.php?IdArticle=8388293 False Ransomware,Malware None 3.0000000000000000 Krebs on Security - Chercheur Américain The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.]]> 2023-09-22T23:41:09+00:00 https://krebsonsecurity.com/2023/09/lastpass-horse-gone-barn-bolted-is-strong-password/ www.secnews.physaphae.fr/article.php?IdArticle=8386913 False None LastPass,LastPass 2.0000000000000000 Krebs on Security - Chercheur Américain The victim shaming website operated by the cybercriminals behind 8Base -- currently one of the more active ransomware groups -- was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of website\'s code was written by a 36-year-old programmer residing in the capital city of Moldova.]]> 2023-09-19T02:12:53+00:00 https://krebsonsecurity.com/2023/09/whos-behind-the-8base-ransomware-website/ www.secnews.physaphae.fr/article.php?IdArticle=8385126 False Ransomware None 3.0000000000000000 Krebs on Security - Chercheur Américain In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI\'s vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the data was being sold. But on Sept. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus, while promising to visit the same treatment on top U.S. defense contractors.]]> 2023-09-14T00:22:05+00:00 https://krebsonsecurity.com/2023/09/fbi-hacker-dropped-stolen-airbus-data-on-9-11/ www.secnews.physaphae.fr/article.php?IdArticle=8382482 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.]]> 2023-09-12T22:36:01+00:00 https://krebsonsecurity.com/2023/09/adobe-apple-google-microsoft-patch-0-day-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8382042 False Vulnerability None 4.0000000000000000 Krebs on Security - Chercheur Américain In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.]]> 2023-09-06T00:21:07+00:00 https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8379378 False None LastPass,LastPass 3.0000000000000000 Krebs on Security - Chercheur Américain Domain names ending in “.US” - the top-level domain for the United States - are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.]]> 2023-09-01T15:38:11+00:00 https://krebsonsecurity.com/2023/09/why-is-us-being-used-to-phish-so-many-of-us/ www.secnews.physaphae.fr/article.php?IdArticle=8377841 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet\'s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computer systems.]]> 2023-08-29T18:35:25+00:00 https://krebsonsecurity.com/2023/08/u-s-hacks-qakbot-quietly-removes-botnet-infections/ www.secnews.physaphae.fr/article.php?IdArticle=8376360 False Ransomware,Malware None 3.0000000000000000 Krebs on Security - Chercheur Américain Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack targeting an employee of Kroll -- the company handling both firms\' bankruptcy restructuring.]]> 2023-08-25T18:05:10+00:00 https://krebsonsecurity.com/2023/08/kroll-employee-sim-swapped-for-crypto-investor-data/ www.secnews.physaphae.fr/article.php?IdArticle=8374606 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain In large metropolitan areas, tourists are often easy to spot because they\'re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.]]> 2023-08-22T17:45:28+00:00 https://krebsonsecurity.com/2023/08/tourists-give-themselves-away-by-looking-up-so-do-most-network-intruders/ www.secnews.physaphae.fr/article.php?IdArticle=8373182 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain You\'ve probably never heard of "16Shop," but there\'s a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. INTERPOL said authorities in Indonesia arrested the 21-year-old proprietor and one of his alleged facilitators, and that a third suspect was apprehended in Japan.]]> 2023-08-17T19:58:56+00:00 https://krebsonsecurity.com/2023/08/karma-catches-up-to-global-phishing-service-16shop/ www.secnews.physaphae.fr/article.php?IdArticle=8371401 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain John Clifton Davies, a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies that are busy dashing startup dreams: A fake investment firm called Equity-Invest[.]ch, and Diligere[.]co.uk, a scam due diligence company that Equity-Invest insists all investment partners use. A native of the United Kingdom, Mr. Davies absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared on suspicion of murdering his third wife on their honeymoon in India.]]> 2023-08-14T20:13:22+00:00 https://krebsonsecurity.com/2023/08/diligere-equity-invest-are-new-firms-of-u-k-con-man/ www.secnews.physaphae.fr/article.php?IdArticle=8370047 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild.]]> 2023-08-09T02:22:57+00:00 https://krebsonsecurity.com/2023/08/microsoft-patch-tuesday-august-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8367681 False Vulnerability None 2.0000000000000000 Krebs on Security - Chercheur Américain WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to help write malicious software without all the pesky prohibitions on such activity enforced by ChatGPT and Google Bard, has started adding restrictions on how the service can be used. Faced with customers trying to use WormGPT to create ransomware and phishing scams, the 23-year-old Portuguese programmer who created the project now says his service is slowly morphing into “a more controlled environment.” The large language models (LLMs) made by ChatGPT parent OpenAI or Google or Microsoft all have various safety measures designed to prevent people from abusing them for nefarious purposes - such as creating malware or hate speech. In contrast, WormGPT has promoted itself as a new LLM that was created specifically for cybercrime activities.]]> 2023-08-08T17:37:23+00:00 https://krebsonsecurity.com/2023/08/meet-the-brains-behind-the-malware-friendly-ai-chat-service-wormgpt/ www.secnews.physaphae.fr/article.php?IdArticle=8367397 False Ransomware,Malware ChatGPT,ChatGPT 3.0000000000000000 Krebs on Security - Chercheur Américain One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.]]> 2023-08-04T13:49:15+00:00 https://krebsonsecurity.com/2023/08/teach-a-man-to-phish-and-hes-set-for-life/ www.secnews.physaphae.fr/article.php?IdArticle=8365690 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into benign mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research.]]> 2023-08-03T11:22:55+00:00 https://krebsonsecurity.com/2023/08/how-malicious-android-apps-slip-into-disguise/ www.secnews.physaphae.fr/article.php?IdArticle=8365194 False Malware None 2.0000000000000000 Krebs on Security - Chercheur Américain The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia\'s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.]]> 2023-07-26T17:29:40+00:00 https://krebsonsecurity.com/2023/07/russia-sends-cybersecurity-ceo-to-jail-for-14-years/ www.secnews.physaphae.fr/article.php?IdArticle=8361832 False None None 1.00000000000000000000 Krebs on Security - Chercheur Américain Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.]]> 2023-07-25T21:20:55+00:00 https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/ www.secnews.physaphae.fr/article.php?IdArticle=8361436 False Malware None 3.0000000000000000 Krebs on Security - Chercheur Américain Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn\'t shifted much since is that very few of these companies list any security professionals within their top executive ranks. The next time you receive a breach notification letter that invariably says a company you trusted places a top priority on customer security and privacy, consider this: Only four of the Fortune 100 companies currently list a security professional in the executive leadership pages of their websites. This is actually down from five of the Fortune 100 in 2018, the last time KrebsOnSecurity performed this analysis.]]> 2023-07-21T19:11:16+00:00 https://krebsonsecurity.com/2023/07/few-fortune-100-firms-list-security-pros-in-their-executive-ranks/ www.secnews.physaphae.fr/article.php?IdArticle=8359834 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain [This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a service that sold access to billions of passwords and other data exposed in countless data breaches. KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom, was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. Bloom resigned from AshleyMadison citing health reasons in June 2015 -- less than one month before unidentified hackers stole data on 37 million users -- and launched LeakedSource three months later.]]> 2023-07-18T14:57:04+00:00 https://krebsonsecurity.com/2023/07/leakedsource-owner-quit-ashley-madison-a-month-before-2015-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8358284 False Hack None 3.0000000000000000 Krebs on Security - Chercheur Américain [This is Part II of a story published here last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack.] It was around 9 p.m. on Sunday, July 19, when I received a message through the contact form on KrebsOnSecurity.com that the marital infidelity website AshleyMadison.com had been hacked. The message contained links to confidential Ashley Madison documents, and included a manifesto that said a hacker group calling itself the Impact Team was prepared to leak data on all 37 million users unless Ashley Madison and a sister property voluntarily closed down within 30 days.]]> 2023-07-13T21:45:02+00:00 https://krebsonsecurity.com/2023/07/seo-expert-hired-and-fired-by-ashley-madison-turned-on-company-promising-revenge/ www.secnews.physaphae.fr/article.php?IdArticle=8356218 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then quickly pulled) an emergency update to fix a zero-day vulnerability that is being exploited on MacOS and iOS devices.]]> 2023-07-11T22:55:07+00:00 https://krebsonsecurity.com/2023/07/apple-microsoft-patch-tuesday-july-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8354824 False Vulnerability None 3.0000000000000000 Krebs on Security - Chercheur Américain When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the company\'s then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as a new documentary series on Hulu reveals [SPOILER ALERT!], there was just one problem with that theory: Their top suspect had killed himself more than a year before the hackers began publishing stolen user data.]]> 2023-07-07T19:55:45+00:00 https://krebsonsecurity.com/2023/07/top-suspect-in-2015-ashley-madison-hack-committed-suicide-in-2014/ www.secnews.physaphae.fr/article.php?IdArticle=8353474 False Hack None 3.0000000000000000 Krebs on Security - Chercheur Américain If you\'ve ever owned a domain name, the chances are good that at some point you\'ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don\'t need, and probably will never receive. Here\'s a look at the most recent incarnation of this scam -- DomainNetworks -- and some clues about who may be behind it.]]> 2023-07-03T14:56:35+00:00 https://krebsonsecurity.com/2023/07/whos-behind-the-domainnetworks-snail-mail-scam/ www.secnews.physaphae.fr/article.php?IdArticle=8351833 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain Nikita Kislitsin, formerly the head of network security for one of Russia\'s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsin\'s prosecution could soon put the Kazakhstan government in a sticky diplomatic position, as the Kremlin is already signaling that it intends to block his extradition to the United States.]]> 2023-06-29T18:30:08+00:00 https://krebsonsecurity.com/2023/06/russian-cybersecurity-executive-arrested-for-alleged-role-in-2012-megahacks/ www.secnews.physaphae.fr/article.php?IdArticle=8350721 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Joseph James "PlugwalkJoe" O\'Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But O\'Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by "SIM swapping," a crime wherein fraudsters trick a mobile provider into diverting a customer\'s phone calls and text messages to a device they control.]]> 2023-06-27T19:44:03+00:00 https://krebsonsecurity.com/2023/06/u-k-cyber-thug-plugwalkjoe-gets-5-years-in-prison/ www.secnews.physaphae.fr/article.php?IdArticle=8349868 False Hack None 2.0000000000000000 Krebs on Security - Chercheur Américain The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. "smishing") messages that spoofed UPS and other top brands. The missives addressed recipients by name, included details about recent orders, and warned that those orders wouldn\'t be shipped unless the customer paid an added delivery fee.]]> 2023-06-22T19:11:33+00:00 https://krebsonsecurity.com/2023/06/sms-phishers-harvested-phone-numbers-shipment-data-from-ups-tracking-tool/ www.secnews.physaphae.fr/article.php?IdArticle=8348225 False Tool None 2.0000000000000000 Krebs on Security - Chercheur Américain If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact, the process of "crypting" malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties. This story explores the history and identity behind Cryptor[.]biz, a long-running crypting service that is trusted by some of the biggest names in cybercrime.]]> 2023-06-21T18:39:36+00:00 https://krebsonsecurity.com/2023/06/why-malware-crypting-services-deserve-more-scrutiny/ www.secnews.physaphae.fr/article.php?IdArticle=8347796 False Malware None 4.0000000000000000 Krebs on Security - Chercheur Américain The U.S. government agency in charge of improving the nation\'s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.]]> 2023-06-15T15:40:09+00:00 https://krebsonsecurity.com/2023/06/cisa-order-highlights-persistent-risk-at-network-edge/ www.secnews.physaphae.fr/article.php?IdArticle=8345785 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month\'s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn\'t marred by the active exploitation of a zero-day vulnerability in Microsoft\'s products.]]> 2023-06-13T20:44:28+00:00 https://krebsonsecurity.com/2023/06/microsoft-patch-tuesday-june-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8344961 False Vulnerability None 2.0000000000000000 Krebs on Security - Chercheur Américain It\'s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware -- as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.]]> 2023-06-08T20:17:06+00:00 https://krebsonsecurity.com/2023/06/barracuda-urges-replacing-not-patching-its-email-security-gateways/ www.secnews.physaphae.fr/article.php?IdArticle=8343399 False Malware,Vulnerability,Threat,Patching None 4.0000000000000000 Krebs on Security - Chercheur Américain One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.]]> 2023-06-06T20:09:13+00:00 https://krebsonsecurity.com/2023/06/service-rents-email-addresses-for-account-signups/ www.secnews.physaphae.fr/article.php?IdArticle=8342709 False Spam None 2.0000000000000000 Krebs on Security - Chercheur Américain Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.]]> 2023-06-01T16:15:34+00:00 https://krebsonsecurity.com/2023/06/ask-fitis-the-bear-real-crooks-sign-their-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8341259 False Malware None 2.0000000000000000 Krebs on Security - Chercheur Américain A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.]]> 2023-05-31T00:19:17+00:00 https://krebsonsecurity.com/2023/05/discord-admins-hacked-by-malicious-bookmarks/ www.secnews.physaphae.fr/article.php?IdArticle=8340685 False None None 4.0000000000000000 Krebs on Security - Chercheur Américain The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.]]> 2023-05-26T16:37:15+00:00 https://krebsonsecurity.com/2023/05/phishing-domains-tanked-after-meta-sued-freenom/ www.secnews.physaphae.fr/article.php?IdArticle=8339637 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.]]> 2023-05-23T00:15:30+00:00 https://krebsonsecurity.com/2023/05/interview-with-a-crypto-scam-investment-spammer/ www.secnews.physaphae.fr/article.php?IdArticle=8338566 False Spam None 3.0000000000000000 Krebs on Security - Chercheur Américain A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. U.S. prosecutors say Mikhail Pavolovich Matveev, a.k.a. "Wazawaka" and "Boriselcin" worked with three different ransomware gangs that extorted hundreds of millions of dollars from companies, schools, hospitals and government agencies.]]> 2023-05-16T21:33:43+00:00 https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8337122 False Ransomware None 3.0000000000000000 Krebs on Security - Chercheur Américain Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law enforcement investigations says it now ensures that all phones sold through its platform will be data-wiped prior to auction.]]> 2023-05-16T12:20:58+00:00 https://krebsonsecurity.com/2023/05/re-victimization-from-police-auctioned-cell-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8336950 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.]]> 2023-05-10T01:19:58+00:00 https://krebsonsecurity.com/2023/05/microsoft-patch-tuesday-may-2023-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8335052 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. men with computer crimes for allegedly operating booters.]]> 2023-05-09T14:05:44+00:00 https://krebsonsecurity.com/2023/05/feds-take-down-13-more-ddos-for-hire-services/ www.secnews.physaphae.fr/article.php?IdArticle=8334807 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain The U.S. government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check, one of the cybercrime underground\'s most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkov\'s card-checking service made him at least $18 million, which he used to buy a Ferrari, Land Rover, and other luxury items.]]> 2023-05-05T01:50:08+00:00 https://krebsonsecurity.com/2023/05/10m-is-yours-if-you-can-get-this-guy-to-leave-russia/ www.secnews.physaphae.fr/article.php?IdArticle=8333664 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network\'s chief technology officer in Pakistan has been hacked for the past year, and that the entire operation was created by the principals of a Tennessee-based telemarketing firm that has promoted USPS employment websites since 2016.]]> 2023-05-02T22:08:35+00:00 https://krebsonsecurity.com/2023/05/promising-jobs-at-the-u-s-postal-service-us-job-services-leaks-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8332948 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain A shocking number of organizations -- including banks and healthcare providers -- are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.]]> 2023-04-28T02:09:56+00:00 https://krebsonsecurity.com/2023/04/many-public-salesforce-sites-are-leaking-private-data/ www.secnews.physaphae.fr/article.php?IdArticle=8331768 False None None 2.0000000000000000