The Coming Storm – PossibleThreat Articles

Microsoft Fix Targets Attacks on SharePoint Zero-Day

July 25, 2025 0 Comments cisa, cve-2025-49704, cve-2025-49706, cve-2025-53770, cve-2025-53771, cybersecurity & infrastructure security agency, eye security, Latest Warnings, microsoft corp., rapid7, sharepoint server, The Coming Storm, Time to Patch

Credit to Author: BrianKrebs| Date: Mon, 21 Jul 2025 14:45:46 +0000

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies.

Independent Krebs

DOGE Denizen Marko Elez Leaked API Key for xAI

July 25, 2025 0 Comments A Little Sunshine, business insider, Data Breaches, doge, gitguardian, github, grok, marko elez, philippe caturegli, president trump, seralys, techcrunch, The Coming Storm, the new york times, the wall street journal, the washington post, twitter, vice president j.d. vance, x, xai

Credit to Author: BrianKrebs| Date: Tue, 15 Jul 2025 01:23:43 +0000

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with more than four dozen large language models (LLMs) developed by Musk’s artificial intelligence company xAI.

Independent Krebs

Senator Chides FBI for Weak Advice on Mobile Security

July 25, 2025 0 Comments A Little Sunshine, Apple, bill marczak, citizen lab, cve-2025-43200, emerita melissa hortman, federal bureau of investigation, Google, international computer science institute, john hoffman, kash patel, Latest Warnings, lockdown mode, lorenzo francheschi-bicchierai, nicholas weaver, security tools, sen. ron wyden, susie wiles, The Coming Storm, the wall street journal, Time to Patch

Credit to Author: BrianKrebs| Date: Mon, 30 Jun 2025 17:33:59 +0000

Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S. lawmakers. But in a letter this week to the FBI, one of the Senate’s most tech-savvy lawmakers says the feds aren’t doing enough to recommend more appropriate security protections that are already built into most consumer mobile devices.

Independent Krebs Security

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

February 28, 2025 0 Comments A Little Sunshine, alfa bank, bearhost, gootloader, interisle consulting group, intrinsec, kaspersky lab, kentik, Ne'er-Do-Well News, prospero ooo, Ransomware, securehost, silent push, SocGholish, spamhaus, The Coming Storm, zach edwards

Credit to Author: BrianKrebs| Date: Fri, 28 Feb 2025 20:14:58 +0000

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned.

Independent Krebs Security

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

February 28, 2025 0 Comments A Little Sunshine, bruce schneier, bybit, christopher stanley, Coinbase, conservative political action conference, consumer financial protection bureau, cybersecurity and infrastructure security agency, davi ottenheimer, department of government efficiency, department of homeland security, Department of Justice, edward coristine, gavin kliger, global investigative journalism network, hunter labs, internal revenue service, jacob silverman, jacob williams, katie arrington, kleptocapture task force, kleptocracy asset recovery initiative, Latest Warnings, leland dudek, lizardstresser, michelle king, natalya martynova, national institute of standards and technology, national treasury employees union, office of management and budget, office of personnel management, organized crime and corruption reporting project, president donald trump, project 2025, rep. andy ogles, russia's war on ukraine, sean cairncross, social security administration, starlink, The Coming Storm, treasury department, u.s. agency for international development, u.s. foreign corrupt practices act, U.S. Securities and Exchange Commission, valery martynov, vladimir putin, volodymyr zelensky

Credit to Author: BrianKrebs| Date: Sun, 23 Feb 2025 23:02:14 +0000

One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world’s richest man to wrest control over their networks and data.

Independent Krebs Security

How Phished Data Turns into Apple & Google Wallets

February 28, 2025 0 Comments A Little Sunshine, All About Skimmers, andy chandler, Apple, csis security group, ford merrill, ghost tap, Google, grant smith, imessage, m3aawg, rcs, resecurity, secalliance, smishing, The Coming Storm, threatfabric, Web Fraud 2.0, znfc

Credit to Author: BrianKrebs| Date: Tue, 18 Feb 2025 18:37:26 +0000

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Independent Krebs Security

Teen on Musk’s DOGE Team Graduated from ‘The Com’

February 7, 2025 0 Comments A Little Sunshine, as400495, backconnect security llc, curtis gervais, diamondcdn, director of national intelligence, doge, dstat, edward coristine, elon musk, eric taylor, marshal webb, Ne'er-Do-Well News, neuralink, packetware, path networks, president trump, rivage, tesla sexy llc, the com, The Coming Storm, tucker preston, wired

Credit to Author: BrianKrebs| Date: Sat, 08 Feb 2025 00:32:53 +0000

Wired reported this week that a 19-year-old working for Elon Musk’s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a former denizen of ‘The Com,’ an archipelago of Discord and Telegram chat channels that function as a kind of distributed cybercriminal social network for facilitating instant collaboration.

Independent Krebs Security

Experts Flag Security, Privacy Risks in DeepSeek AI App

February 6, 2025 0 Comments A Little Sunshine, andrew hoog, app transport security, Apple, Artificial intelligence, bytedance, china, deepseek, deepseek ai, iOS, Latest Warnings, nowsecure, The Coming Storm, volcengine

Credit to Author: BrianKrebs| Date: Thu, 06 Feb 2025 21:12:30 +0000

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks.

Independent Krebs Security

A Tumultuous Week for Federal Cybersecurity Efforts

January 27, 2025 0 Comments A Little Sunshine, alfa bank, david sacks, house judiciary committee's select subcommittee on the weaponization of the federal government, jack goldsmith, joe hall, john durham, lawfare, melania trump, michael sussman, president trump, quinta jurecic, rep. jim jordan, The Coming Storm, united states council on transnational organized crime, world liberty financial

Credit to Author: BrianKrebs| Date: Tue, 28 Jan 2025 02:50:10 +0000

President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation’s cybersecurity posture. The president fired all advisors from the Department of Homeland Security’s Cyber Safety Review Board, called for the creation of a strategic cryptocurrency reserve, and voided a Biden administration action that sought to reduce the risks that artificial intelligence poses to consumers, workers and national security.

Independent Krebs Security

Microsoft: Happy 2025. Here’s 161 Security Updates

January 14, 2025 0 Comments adam barnett, bitlocker, bob hopkins, cve-2024-49142, cve-2025-21186, cve-2025-21210, cve-2025-21298, cve-2025-21311, cve-2025-21333, cve-2025-21334, cve-2025-21335, cve-2025-21366, cve-2025-21395, kev breen, Latest Warnings, microsoft access, microsoft patch tuesday january 2025, rapid7, satnam narang, The Coming Storm, Time to Patch, unpatched.ai, windows 11, windows hyper-v, windows ntlmv1

Credit to Author: BrianKrebs| Date: Tue, 14 Jan 2025 22:50:00 +0000

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.

← Previous