It’s Way Too Easy to Get a .gov Domain Name

Credit to Author: BrianKrebs | Date: Wed, 27 Nov 2019 02:08:55 +0000

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own .gov domain.

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Credit to Author: BrianKrebs | Date: Tue, 26 Nov 2019 13:32:21 +0000

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different compromised restaurant chains that are most prevalent across the midwest and eastern United States.

Hidden Cam Above Bluetooth Pump Skimmer

Credit to Author: BrianKrebs | Date: Mon, 25 Nov 2019 16:40:24 +0000

Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I’d never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices. Apparently, I’m not alone. “I believe this is the first time I’ve seen a camera on a gas pump with a Bluetooth card skimmer,” said Detective Matt Jogodka of the Las Vegas Police Department, referring to the compromised fuel pump pictured below.

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

Credit to Author: BrianKrebs | Date: Sat, 23 Nov 2019 05:02:32 +0000

A ransomware outbreak has besieged a Wisconsin-based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT company’s owner says she fears this incident could soon lead not only to the closure of her business, but also to the untimely demise of some patients.

DDoS-for-Hire Boss Gets 13 Months Jail Time

Credit to Author: BrianKrebs | Date: Wed, 20 Nov 2019 13:05:15 +0000

A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. This individual’s sentencing comes more than five years after KrebsOnSecurity interviewed both the defendant and his father and urged the latter to take a more active interest in his son’s online activities.

Ransomware Bites 400 Veterinary Hospitals

Credit to Author: BrianKrebs | Date: Tue, 19 Nov 2019 14:43:18 +0000

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it expects to have all facilities fully back up and running normally within the next week.

Why Were the Russians So Set Against This Hacker Being Extradited?

Credit to Author: BrianKrebs | Date: Mon, 18 Nov 2019 21:19:10 +0000

The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned an Israeli woman for seven years on trumped-up drug charges in a bid to trade prisoners. That effort failed as well, and Burkov had his first appearance in a U.S. court last week. What follows are some clues that might explain why the Russians are so eager to reclaim this young man.

Orcus RAT Author Charged in Malware Scheme

Credit to Author: BrianKrebs | Date: Wed, 13 Nov 2019 15:41:17 +0000

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Patch Tuesday, November 2019 Edition

Credit to Author: BrianKrebs | Date: Tue, 12 Nov 2019 22:04:32 +0000

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Credit to Author: BrianKrebs | Date: Mon, 11 Nov 2019 17:33:27 +0000

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.
