international computer science institute

Senator Chides FBI for Weak Advice on Mobile Security

July 25, 2025 0 Comments A Little Sunshine, Apple, bill marczak, citizen lab, cve-2025-43200, emerita melissa hortman, federal bureau of investigation, Google, international computer science institute, john hoffman, kash patel, Latest Warnings, lockdown mode, lorenzo francheschi-bicchierai, nicholas weaver, security tools, sen. ron wyden, susie wiles, The Coming Storm, the wall street journal, Time to Patch

Credit to Author: BrianKrebs| Date: Mon, 30 Jun 2025 17:33:59 +0000

Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S. lawmakers. But in a letter this week to the FBI, one of the Senate’s most tech-savvy lawmakers says the feds aren’t doing enough to recommend more appropriate security protections that are already built into most consumer mobile devices.

Independent Krebs Security

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

September 22, 2023 0 Comments A Little Sunshine, Data Breaches, international computer science institute, karim toubba, lastpass breach, nicholas weaver, The Coming Storm, Web Fraud 2.0, wladimir palant

Credit to Author: BrianKrebs| Date: Fri, 22 Sep 2023 23:41:09 +0000

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Independent Krebs Security

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

June 8, 2023 0 Comments barracuda networks, caitlin condon, cve-2023-2868, email security gateway, international computer science institute, Latest Warnings, mandiant, nicholas weaver, rapid7, Time to Patch

Credit to Author: BrianKrebs| Date: Thu, 08 Jun 2023 20:17:06 +0000

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.

Independent Krebs Security

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

February 28, 2023 0 Comments A Little Sunshine, allison nixon, Data Breaches, international computer science institute, minecraft, nicholas weaver, roblox, security keys, SIM swapping, T-Mobile, tmo up, unit 221b, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 28 Feb 2023 16:14:57 +0000

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.