Independent – Page 55 – PossibleThreat Articles

Massive Losses Define Epidemic of ‘Pig Butchering’

July 21, 2022 0 Comments A Little Sunshine, chainalysis, courtney nolan, employment fraud, erin west, FBI, ic3.gov, justin maile, Latest Warnings, pig butchering, react task force, The Coming Storm, vice news, Web Fraud 2.0, whatsapp, xtb-market

Credit to Author: BrianKrebs| Date: Thu, 21 Jul 2022 16:35:28 +0000

U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering,” wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out.

ComputerWorld Independent

Will new EU crypto rules change how ransomware is played?

July 20, 2022 0 Comments Financial Services Industry, mobile payment, Security, Technology Industry

Credit to Author: Evan Schuman| Date: Wed, 20 Jul 2022 05:55:00 -0700

Cryptocurrency has always been the payment method of choice for bad guys. Get hit with an enterprise ransomware attack and plan to pay? You’ll need crypto. The key reason cyberthieves love cryptocurrency so much is that it is far harder to trace payments.

That is why a move being attempted by the European Union has so much potential. The EU — in a move that will likely be mimicked by many other regional regulatory forces, including in the United States — is putting in place tracking requirements for all cryptocurrency.

If it is successful, and the EU has an excellent track record on precisely these kinds of changes, cryptocurrency may quickly fade as the thief’s payment of choice.

To read this article in full, please click here

ComputerWorld Independent

How to stay smart about Android app permissions

July 20, 2022 0 Comments Android, Data privacy, Google, mobile apps, Privacy, Security

Credit to Author: JR Raphael| Date: Wed, 20 Jul 2022 03:00:00 -0700

When it comes to Android and privacy, we’re accustomed to seeing things move in a certain direction.

It’s simple, really: With each new Android version, it usually gets easier to manage your privacy and understand how your information is being used. And we typically get more front-facing tools and under-the-hood improvements that allow us to handle that stuff intelligently. Obviously, right?

To read this article in full, please click here

Independent Krebs Security

A Deep Dive Into the Residential Proxy Service ‘911’

July 18, 2022 0 Comments 911, A Little Sunshine, international media ltd., Ne'er-Do-Well News, nicolae aurelian mazgarean, ppc leads srl, proxygate, residential proxy, riley kilmer, spur.us, university of sherbrooke, ustraffic@qq.com, vip72, Web Fraud 2.0, wugaa enterprises llc, yunhe wang

Credit to Author: BrianKrebs| Date: Mon, 18 Jul 2022 16:11:12 +0000

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route malicious traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The proxy service says its network is made up entirely of users who voluntarily install the proxy software. But new research shows 911 has a long history of purchasing installations via shady “pay-per-install” affiliate marketing schemes, some of which 911 operated on its own.

Independent Krebs Security

Why 8kun Went Offline During the January 6 Hearings

July 15, 2022 0 Comments 8kun, A Little Sunshine, january 6 hearings, psychz networks, The Coming Storm, vanwatech

Credit to Author: BrianKrebs| Date: Fri, 15 Jul 2022 19:43:05 +0000

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former President Trump’s invitation to “be wild” in Washington, D.C. on that chaotic day. At the same time the committee was hearing video testimony from 8kun founder Jim Watkins, 8kun and a slew of similar websites were suddenly yanked offline. Watkins suggested the outage was somehow related to the work of the committee, but the truth is KrebsOnSecurity was responsible and the timing was pure coincidence.

ComputerWorld Independent

With a light July Patch Tuesday, it's time to invest in your IT processes

July 15, 2022 0 Comments Microsoft, Security, small and medium business, Windows

Credit to Author: Greg Lambert| Date: Fri, 15 Jul 2022 12:04:00 -0700

Though we get a reprieve from Exchange updates in this month’s Patch Tuesday update, more printer updates are on the way. Even with no updates for Microsoft Exchange or Visual Studio, Adobe is back with 15 critical updates for Adobe Reader. And Microsoft’s new patch deployment tool Auto-Patch is now live. (I always thought application testing was the main problem here, but actually getting patches deployed is still tough.)

Though the numbers are still quite high (with 86+ reported vulnerabilities), the testing and deployment profile for July should be fairly moderate. We suggest taking the time to harden your Exchange Server defenses and mitigation processes, and invest in your testing processes.

To read this article in full, please click here

ComputerWorld Independent

Drop, crack, d'oh! My broken Android phone epiphany

July 13, 2022 0 Comments Android, Data privacy, Privacy, Security, smartphones

Credit to Author: JR Raphael| Date: Wed, 13 Jul 2022 03:00:00 -0700

Man, I had one hell of a streak.

All these years — approximately 7,967 since I first started using and writing about Android — and somehow, rather miraculously, I’d never outright broken a phone.

Impressive, I know. But don’t let yourself get wrapped in awe yet, my fellow drop-dreading denizen: My streak of impeccable Android phone protection has officially come to a crashing halt.

Now, I didn’t technically drop my phone, mind you. And I didn’t technically break it myself, either. But it was definitely broken. And it happened on my watch.

To read this article in full, please click here

Independent Krebs Security

Microsoft Patch Tuesday, July 2022 Edition

July 12, 2022 0 Comments cve-2022-22022, cve-2022-22029, cve-2022-22038, cve-2022-22039, cve-2022-22041, cve-2022-22047, cve-2022-30206, cve-2022-30221, cve-2022-30226, dan goodin, greg wiseman, immersive labs, kevin breen, microsoft patch tuesday july 2022, rapid7, security tools, sergiu gatlan, tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Wed, 13 Jul 2022 01:02:49 +0000

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet.

ComputerWorld Independent

Now’s the time to prep for Microsoft’s Excel macro crackdown

July 11, 2022 0 Comments Microsoft, Security, small and medium business, Windows

Credit to Author: Susan Bradley| Date: Mon, 11 Jul 2022 08:56:00 -0700

On July 8, Microsoft pulled back from its decision in February to block macros in Excel documents by default. Microsoft had said it would block Excel files that contained macros if they were downloaded from the internet. (Malicious actors use these lures as a way to launch attacks on networks; specifically, ransomware and other types of malicious activity can launched from a plain, old malicious spreadsheet.)

Microsoft still plans to put this blocking in place, but only after “a better experience.” In the meantime, there are actions you can take now so you won’t need to worry about the change in the future.

If you work for a firm that’s developed spreadsheets for your own internal office use, chances are the spreadsheet does not have a digital signature. Signing machos is similar to how websites use SSL certificates to validate the site is legit. The hardest part of the self-signing process is deciding whether you want to purchase a code-signing certificate or use the self-signed certificate process. (I can tell you from personal experience that trying to purchase a code-signing certificate is an expensive and cumbersome process. I don’t recommend that option, except for large enterprises where the code-signing process is routine.)

To read this article in full, please click here

Independent Krebs Security

Experian, You Have Some Explaining to Do

July 10, 2022 0 Comments A Little Sunshine, arthur rishi, emory roan, Equifax, experian, john turner, Latest Warnings, nicholas weaver, privacyrights.org, transunion, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 11 Jul 2022 04:07:15 +0000

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email address.