Hold Security – PossibleThreat Articles

U.S. Internet Leaked Years of Internal, Customer Emails

February 14, 2024 0 Comments A Little Sunshine, alex holden, Data Breaches, Hold Security, Latest Warnings, securence, travis carter, u.s. internet corp.

Credit to Author: BrianKrebs| Date: Wed, 14 Feb 2024 16:45:46 +0000

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser.

Independent Krebs Security

New Ransom Payment Schemes Target Executives, Telemedicine

December 8, 2022 0 Comments alex holden, cl0p, clop ransomware, emsisoft, fabian wosar, Hold Security, Ransomware, ta505, The Coming Storm, tripwire, venus ransomware, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 08 Dec 2022 18:25:04 +0000

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading.

Independent Krebs Security

Disneyland Malware Team: It’s a Puny World After All

November 16, 2022 0 Comments A Little Sunshine, alex holden, disneyland team, gozi trojan, Hold Security, Ne'er-Do-Well News, Web Fraud 2.0, web injects

Credit to Author: BrianKrebs| Date: Wed, 16 Nov 2022 17:32:00 +0000

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian.

Independent Krebs Security

It Might Be Our Data, But It’s Not Our Breach

August 11, 2022 0 Comments A Little Sunshine, alex holden, AT&T, at&t internet, bellsouth.net, bleeping computer, Data Breaches, databreaches.net, Hold Security, lawrence abrams, new jersey cybersecurity & communications integration cell, sbcglobal.net, shinyhunters, T-Mobile, The Coming Storm, u-verse, white house market

Credit to Author: BrianKrebs| Date: Thu, 11 Aug 2022 17:45:31 +0000

A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do not appear to have come from its systems and may be tied to a previous data incident at another company.

Independent Krebs Security

The Security Pros and Cons of Using Email Aliases

August 10, 2022 0 Comments A Little Sunshine, alex holden, allekabels, Data Breaches, email alias, haveibeenpwned.com, Hold Security, rtl nieuws, security tools, troy hunt

Credit to Author: BrianKrebs| Date: Wed, 10 Aug 2022 15:10:59 +0000

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery. Here’s a look at the pros and cons of adopting a unique alias for each website.

Independent Krebs Security

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

March 17, 2022 0 Comments alex holden, github, Hold Security, protestware, russia's war on ukraine, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

Independent Krebs Security

Conti Ransomware Group Diaries, Part I: Evasion

March 1, 2022 0 Comments alex holden, alla witte, conti, conti breach, conti ransomware, contileaks, emercoin, emerdns, hof, Hold Security, Ne'er-Do-Well News, Ransomware, revil ransomware, stern, The Coming Storm, trickbot, ukraine

Credit to Author: BrianKrebs| Date: Tue, 01 Mar 2022 20:50:30 +0000

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.

Independent Krebs Security

Coronavirus Widens the Money Mule Pool

March 17, 2020 0 Comments A Little Sunshine, alex holden, bitcoin atm scam, coronavirus scam, globalgiving, Hold Security, holdsecurity.com, kevin conroy, Latest Warnings, vasty health care foundation, vastyhealthcarefoundation.com, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 17 Mar 2020 22:11:46 +0000

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable “money mules” — people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here’s the story of one upstart mule factory that spoofs a major nonprofit and tells new employees they’ll be collecting and transmitting donations for an international “Coronavirus Relief Fund.”

Independent Krebs Security

Zyxel Fixes 0day in Network Storage Devices

February 24, 2020 0 Comments 0day, 500mhz, alex holden, cert coordination center, cert/cc, cve-2020-9054, dhs, emotet, Hold Security, Latest Warnings, Ransomware, The Coming Storm, Time to Patch, zero day, zyxel communications corp.

Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

Independent Krebs Security

The Hidden Cost of Ransomware: Wholesale Password Theft

January 6, 2020 0 Comments A Little Sunshine, alex holden, Hold Security, karen christianson, mark schafer, Ransomware, ryuk, sva consulting, The Coming Storm, vcpi

Credit to Author: BrianKrebs| Date: Mon, 06 Jan 2020 18:17:21 +0000

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.

← Previous