A Little Sunshine – Page 22 – PossibleThreat Articles

The Great $50M African IP Address Heist

December 11, 2019 0 Comments A Little Sunshine, Adconion Direct, afrinic, afriq*access, bill woodcock, eddy kayihura, infoplan, ipv4leasing, itc, jan vermeulen, mybroadband.co.za, packet clearing house, ron guilmette, the african network information centre, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 11 Dec 2019 22:31:12 +0000

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike.

Independent Krebs Security

Apple Explains Mysterious iPhone 11 Location Requests

December 5, 2019 0 Comments A Little Sunshine, Apple, iphone 11, techcrunch, ultra wideband, zack whittaker

Credit to Author: BrianKrebs| Date: Thu, 05 Dec 2019 19:46:02 +0000

KrebsOnSecurity ran a story this week that puzzled over Apple’s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system services are individually set never to request this data. Today, Apple disclosed that this behavior is tied to the inclusion of a new short-range technology that lets iPhone 11 users share files locally with other nearby phones that support this feature, and that a future version of its mobile operating system will allow users to disable it.

Independent Krebs Security

The iPhone 11 Pro’s Location Data Puzzler

December 3, 2019 0 Comments A Little Sunshine, apple iphone 11 pro, location privacy, location services

Credit to Author: BrianKrebs| Date: Wed, 04 Dec 2019 03:51:15 +0000

One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company’s own privacy policy.

Independent Krebs Security

Why Were the Russians So Set Against This Hacker Being Extradited?

November 18, 2019 0 Comments A Little Sunshine, alexei burkov, cybereason, directconnection, evgeniy mikhailovich bogachev, fox it, fraudcrew, k0pa, mazafaka, Ne'er-Do-Well News, slavik, spamdot

Credit to Author: BrianKrebs| Date: Mon, 18 Nov 2019 21:19:10 +0000

The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned an Israeli woman for seven years on trumped-up drug charges in a bid to trade prisoners. That effort failed as well, and Burkov had his first appearance in a U.S. court last week. What follows are some clues that might explain why the Russians are so eager to reclaim this young man.

Independent Krebs Security

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

November 11, 2019 0 Comments A Little Sunshine, alex holden, github, Hold Security, orvis password exposure, orvis.com, pastebin, tucker kimball

Credit to Author: BrianKrebs| Date: Mon, 11 Nov 2019 17:33:27 +0000

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.

Independent Krebs Security

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

November 7, 2019 0 Comments A Little Sunshine, department of health and human services, hhs, leo scanlon, owen graduate school of management, pbs, The Coming Storm, the new england journal of medicine, vanderbilt university, WannaCry

Credit to Author: BrianKrebs| Date: Thu, 07 Nov 2019 19:48:03 +0000

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

Independent Krebs Security

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

November 3, 2019 0 Comments A Little Sunshine, credential replay attacks, digital insight, intuit, Mint, ncr corp, quickbooks online, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sun, 03 Nov 2019 21:41:48 +0000

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse.

Independent Krebs Security

Takeaways from the $566M BriansClub Breach

October 29, 2019 0 Comments A Little Sunshine, andrei barysevich, briansclub breach, Data Breaches, gemini advisory, mastercard, Ne'er-Do-Well News, visa

Credit to Author: BrianKrebs| Date: Tue, 29 Oct 2019 21:47:58 +0000

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrime store highlighted some persistent and hard truths. Most notably, that the world’s largest financial institutions tend to have a much better idea of which merchants and bank cards have been breached than do the thousands of smaller banks and credit unions across the United States. Also, a great deal of cybercrime seems to be perpetrated by a relatively small number of people.

Independent Krebs Security

MyPayrollHR CEO Arrested, Admits to $70M Fraud

September 27, 2019 0 Comments A Little Sunshine, Michael T. Mann, mypayrollHR, Ne'er-Do-Well News

Credit to Author: BrianKrebs| Date: Fri, 27 Sep 2019 16:17:07 +0000

Earlier this month, employees at more than 1,000 companies saw one or two paycheck’s worth of funds deducted from their bank accounts after the CEO of their cloud payroll provider absconded with $35 million in payroll deposits from customers. On Monday, the CEO was arrested and allegedly confessed that the diversion was the last desperate gasp of a financial shell game that earned him $70 million over several years.

Independent Krebs Security

Before He Spammed You, this Sly Prince Stalked Your Mailbox

September 18, 2019 0 Comments A Little Sunshine, Latest Warnings, Ne'er-Do-Well News

Credit to Author: BrianKrebs| Date: Wed, 18 Sep 2019 18:53:16 +0000

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: it was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these “advance fee” or “419” scams- – so-called because they violate section 419 of the criminal code of Nigeria where many such lures originate — predate email and have circulated via postal mail in various forms and countries over the years.