Ransomware Gangs Don’t Need PR Help.
We've seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into...
COVID-19 ‘Breach Bubble’ Waiting to Pop?.
The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit c...
Russian Cybercrime Boss Burkov Gets 9 Years.
A well-connected Russian hacker once described as “an asset of supreme importance” to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted amon...
New Charges, Sentencing in Satori IoT Botnet Conspiracy.
The U.S. Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build multiple botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attac...
‘BlueLeaks’ Exposes Files from Hundreds of Police Departments.
Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed "BlueLeaks" and made searchable via a new website by the same name, stems from a security breach at a Texas web design and hosting company tha...
Turn on MFA Before Crooks Do It For You.
Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don't take advantage of these added safeguards may find it far more difficult to regain access when th...
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy.
An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling...
When Security Takes a Backseat to Productivity.
"We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change." -CIA's Wikileaks Task Force.
So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led...
Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com.
For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn't quite work out what Privnotes was up to, but today it became cry...
Microsoft Patch Tuesday, June 2020 Edition.
Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed pri...
Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion.
An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico's top tourist destinations disrupted their highly profitable business, which raked in an estimated $20 million a month and enjoyed the protection of top Mexican authorities.
Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service.
The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court.
Krebs on Security Feed.
This is a non-official / unaffiliated RSS->Social feed from Brian Krebs website https://krebsonsecurity.com/.
Since many of us are leaving twitter, this feed can be useful to stay on track of his site updates.
Open Source Social Network. Focused on technology, networking, linux, privacy and security, but open to anyone. Managed by the noc.org team.