Krebs – Page 34 – PossibleThreat Articles

Microsoft Patch Tuesday, February 2022 Edition

February 8, 2022 0 Comments allan liska, andrew cunningham, ars technica, cve-2022-21989, cve-2022-21996, cve-2022-22005, greg wiseman, immersive labs, kevin breen, print spooler, rapid7, recorded future, Time to Patch, win32k

Credit to Author: BrianKrebs| Date: Tue, 08 Feb 2022 22:38:16 +0000

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents.

Independent Krebs Security

IRS To Ditch Biometric Requirement for Online Access

February 7, 2022 0 Comments A Little Sunshine, id.me, internal revenue service, sen. ron wyden, the washington post, u.s. general services administration

Credit to Author: BrianKrebs| Date: Mon, 07 Feb 2022 20:56:52 +0000

The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes as privacy experts and lawmakers have been pushing the IRS and other federal agencies to find less intrusive methods for validating one’s identity with the U.S. government online.

Independent Krebs Security

How Phishers Are Slinking Their Links Into LinkedIn

February 3, 2022 0 Comments A Little Sunshine, amazon, avanan, check point, fortinet, irs, jeremy fuchs, Latest Warnings, LinkedIn, Microsoft, Paypal, slinks, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 03 Feb 2022 18:49:38 +0000

If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link that bounces your browser to other websites, such as phishing pages that mimic top online brands (but chiefly Linkedin’s parent firm Microsoft).

Independent Krebs Security

Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams

February 2, 2022 0 Comments A Little Sunshine, freidig shipping, guy devos, harald berglihn, harald vanvik, inside knowledge, john bernard, john clifton davies, Ne'er-Do-Well News, nils-odd tønnevold, the weeknd, uber, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sat, 29 Jan 2022 18:05:52 +0000

Several articles here have delved into the history of John Bernard, the pseudonym used by a fake billionaire technology investor who’s tricked dozens of start-ups into giving him tens of millions of dollars. Bernard’s latest victim — a Norwegian startup hoping to build a fleet of environmentally friendly shipping vessels — is now embroiled in a lawsuit over a deal gone bad, in which Bernard falsely claimed to have secured $100 million from six other wealthy investors, including the founder of Uber and the artist Abel Makkonen Tesfaye, better known as The Weeknd.

Independent Krebs Security

Who Wrote the ALPHV/BlackCat Ransomware Strain?

February 2, 2022 0 Comments @cookiedays, A Little Sunshine, alphv ransomware, binrs, blackcat ransomware, blackmatter, Breadcrumbs, catalin cimpanu, darkside, duckerman, duckermanit, flashpoint, jason hill, Ne'er-Do-Well News, paul roberts, ramp, recorded future, reversinglabs, revil, sergey duck, sergey kryakov, sergey penchikov, smiseo, the record, tox, varonis, ybcat

Credit to Author: BrianKrebs| Date: Fri, 28 Jan 2022 13:18:36 +0000

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.

Independent Krebs Security

Scary Fraud Ensues When ID Theft & Usury Collide

February 2, 2022 0 Comments A Little Sunshine, buckley llp, installment loan, leslie bailey, mountain summit financial, native american financial services association, payday loan, public justice, The Coming Storm, tribal lenders, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 25 Jan 2022 19:48:40 +0000

What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One reader’s nightmare experience spotlights what can happen when ID thieves and hackers start targeting online payday lenders.

Independent Krebs Security

Crime Shop Sells Hacked Logins to Other Crime Shops

February 2, 2022 0 Comments A Little Sunshine, accountz club, genesis market, Ne'er-Do-Well News, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 21 Jan 2022 17:11:36 +0000

Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and those selling authentication cookies for a slew of popular websites.

Independent Krebs Security

IRS Will Soon Require Selfies for Online Access

February 2, 2022 0 Comments A Little Sunshine, blake hall, Equifax, id.me, tax refund fraud, u.s. internal revenue service

Credit to Author: BrianKrebs| Date: Wed, 19 Jan 2022 17:15:06 +0000

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.

Independent Krebs Security

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

February 2, 2022 0 Comments andrey sergeevich bessonov, colonial pipeline, darkside, dmitri alperovitch, FSB, gandcrab, immersive labs, kevin breen, Ne'er-Do-Well News, notpetya, president biden, Ransomware, revil, roman gennadyevich muromsky, The Coming Storm, vladimir putin

Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Independent Krebs Security

Who is the Network Access Broker ‘Wazawaka?’

February 2, 2022 0 Comments 902228, abakan, abaza, Breadcrumbs, constella intelligence, cs-arena.org, darkside, ddosis.ru, devdelphi@yandex.ru, domaintools, flashpoint, initial access broker, kopyovo-a, lockbit, mikhail matveev, mikhail mix matveev, mix@devilart.net, mixfb@yandex.ru, Ne'er-Do-Well News, Ransomware, uhodiransomware, wazawaka

Credit to Author: BrianKrebs| Date: Wed, 12 Jan 2022 05:17:31 +0000

In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by Wazawaka, the handle chosen by a major access broker in the Russian-speaking cybercrime scene.