Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology…
Category: A Little Sunshine
(650) 203-0000, A Little Sunshine, Coinbase, Daniel from Google, Gemini AI, Global Security News, Google Assistant, Google Docs, Google Forms, Google Photos, Graham Cluely, Junseth, Latest Warnings, Minecraft, Ne'er-Do-Well News, SwanCoin, Trezor, Web Fraud 2.0
How to Lose a Fortune with Just One Bad Click
Image: Shutterstock, iHaMoo. Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to…
A Little Sunshine, Binance, Blaven Technologies, Breadcrumbs, Chainalysis, CloudFlare, Cryptomus, CTV News, FINTRAC, Global Security News, Icon Tech SRO, Investigative Journalism Foundation, Mezhundarondnaya IBU SRO, Peter German, PQ Hosting, RCMP, Richard Sanders, Russia's War on Ukraine, Vira Krychka, Web Fraud 2.0, WS Management and Advisory Corporation Ltd, Xeltox Enterprises
How Cryptocurrency Turns to Cash in Russian Banks
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses,…
@chenlun, A Little Sunshine, and Mobile Anti-Abuse Working Group, Anti-Phishing Working Group, Coalition Against Unsolicited Commercial Email, Global Security News, ICANN, Interisle Consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, Messaging, new gTLDs, North America, phishing, spam, The Coming Storm, U.S. Postal Service
Why Phishers Love New TLDs Like .shop, .top and .xyz
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees…
A Little Sunshine, AT&T, Boxfan, buttholio, Connor Riley Moucka, cyb3rph4nt0m, DDoS-for-Hire, Global Security News, John Erin Binns, Judische, Kiberphant0m, Naver, Ne'er-Do-Well News, North America, Proman557, Ransomware, Reverseshell, Shi-Bot, Snowflake, South Korea, telekomterrorist, The Coming Storm, Vars_Secc, Verizon, Waifu
Hacker in Snowflake Extortions May Be a U.S. Soldier
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long:…
A Little Sunshine, Ahmed Hossam Eldin Elbadawy, Evans Onyeaka Osiebo, Global Security News, Joel Martin Evans, Joeleoli, Kingbob, lastpass, Mailchimp, Namecheap, Ne'er-Do-Well News, Noah Michael Urban, ogusers, Okta, Oktapus, Scattered Spider, SIM Swapping, Sosa, T-Mobile, Twilio, Tylerb
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known…
A Little Sunshine, Aleksandr Ermakov, chronopay, Data Breaches, Dmitri Golubov, Global Security News, Helkern, Home Depot breach, Hydra Market, MikeMike, Mikhail Lenin, Mikhail Shefel, Ne'er-Do-Well News, North America, pavel vrublevsky, Peter Vrublevsky, Pharma Wars, Sprut, Sugar ransomware, target breach
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he…
A Little Sunshine, emergency data request, fake EDR, fbi, Global Security News, Kodex, Latest Warnings, Matt Donahue, North America, pwnstar, The Coming Storm, Web Fraud 2.0
FBI: Spike in Hacked Police Emails, Fake Subpoenas
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI…