Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7‘s Adam Barnett says January marks the fourth consecutive month…
Category: The Coming Storm
800-275-2273, A Little Sunshine, Allison Nixon, Aristotle, autodoxers, Coinbase, Crypto Chameleon, discord, domaintools, Emerging Tech, Global Security News, Latest Warnings, Lookout, Mark Cuban, Okta, Perm, Shark Tank, Star Fraud, Stotle, Telegram, The Coming Storm, Trezor, Unit 221B, voice phishing, Web Fraud 2.0
A Day in the Life of a Prolific Voice Phishing Crew
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety…
A Little Sunshine, Acunetix, Altug Sara, [email protected], Araneida Scanner, Asia Pacific, Bilitro Yazilim, Breadcrumbs, domaintools, Fin7, Global Security News, Invicti Security, Matt Sciberras, Ne'er-Do-Well News, Neil Roseman, [email protected], Silent Push, The Coming Storm, U.S. Department of Health and Human Services, Zach Edwards
Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm
Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology…
@chenlun, A Little Sunshine, and Mobile Anti-Abuse Working Group, Anti-Phishing Working Group, Coalition Against Unsolicited Commercial Email, Global Security News, ICANN, Interisle Consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, Messaging, new gTLDs, North America, phishing, spam, The Coming Storm, U.S. Postal Service
Why Phishers Love New TLDs Like .shop, .top and .xyz
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees…
A Little Sunshine, AT&T, Boxfan, buttholio, Connor Riley Moucka, cyb3rph4nt0m, DDoS-for-Hire, Global Security News, John Erin Binns, Judische, Kiberphant0m, Naver, Ne'er-Do-Well News, North America, Proman557, Ransomware, Reverseshell, Shi-Bot, Snowflake, South Korea, telekomterrorist, The Coming Storm, Vars_Secc, Verizon, Waifu
Hacker in Snowflake Extortions May Be a U.S. Soldier
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long:…
abyss0, BreachForums, Data Breaches, Finastra, Global Security News, ke-la.com, Latest Warnings, Ne'er-Do-Well News, The Coming Storm
Fintech Giant Finastra Investigating Data Breach
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen…
A Little Sunshine, emergency data request, fake EDR, fbi, Global Security News, Kodex, Latest Warnings, Matt Donahue, North America, pwnstar, The Coming Storm, Web Fraud 2.0
FBI: Spike in Hacked Police Emails, Fake Subpoenas
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI…