Six 0-Days Lead Microsoft’s August 2024 Patch Push – Krebs on Security
Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already…
Category: Krebson
Cybercrime Rapper Sues Bank over Fraud Investigation – Krebs on Security
A partial selfie posted by Puchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that…
Low-Drama ‘Dark Angels’ Reap Record Ransoms – Krebs on Security
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data…
U.S. Trades Cybercriminals to Russia in Prisoner Swap – Krebs on Security
Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were several convicted cybercriminals. In…
U.S. Trades Cybercriminals to Russia in Prisoner Swap – Krebs on Security
Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were several convicted cybercriminals. In…
Don’t Let Your Domain Name Become a “Sitting Duck” – Krebs on Security
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals…
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services – Krebs on Security
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that…
Phish-Friendly Domain Registry “.top” Put on Notice – Krebs on Security
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put…
Global Microsoft Meltdown Tied to Bad Crowstrike Update – Krebs on Security
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions…
Weak Security Defaults Enabled Squarespace Domains Hijacks – Krebs on Security
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains…
Crooks Steal Phone, SMS Records for Nearly All AT&T Customers – Krebs on Security
AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all…
The Stark Truth Behind the Resurgence of Russia’s Fin7 – Krebs on Security
The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013,…