HackDig : Dig high-quality web security articles for hackers

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion at GoDaddy that relied on tricking employees into transf
Publish At:2020-11-21 15:30 | Read:91 | Comments:0 | Tags:A Little Sunshine Web Fraud 2.0 Bibox Celcius.network Dan Ra

Trump Fires Security Chief Christopher Krebs

President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud. Chris Krebs. Image: CISA. Krebs, 43, is a former Microsoft executive appointed by Trump to head the Cybersecurity and
Publish At:2020-11-18 13:24 | Read:124 | Comments:0 | Tags:A Little Sunshine Christopher Krebs CISA Cybersecurity and I

Be Very Sparing in Allowing Site Notifications

An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communicati
Publish At:2020-11-17 14:00 | Read:153 | Comments:0 | Tags:A Little Sunshine Latest Warnings Web Fraud 2.0 Frank Angiol

Why Paying to Delete Stolen Data is Bonkers

Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion that victims might have any real expectation the attackers will
Publish At:2020-11-04 17:53 | Read:113 | Comments:0 | Tags:A Little Sunshine Ransomware Coveware Emsisoft Fabian Wosar

Google Mending Another Crack in Widevine

For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management (DRM) technology used by online streaming sites like Disney, Hulu and Netflix to prevent their content from being pirated. The latest cracks in Widevine concern the encryption technology’s protection for L3 streams, which is used for low
Publish At:2020-10-26 21:50 | Read:219 | Comments:0 | Tags:A Little Sunshine David Buchanan digital rights management D

The Now-Defunct Firms Behind 8chan, QAnon

Some of the world’s largest Internet firms have taken steps to crack down on disinformation spread by QAnon conspiracy theorists and the hate-filled anonymous message board 8chan. But according to a California-based security researcher, those seeking to de-platform these communities may have overlooked a simple legal solution to that end: Both the Neva
Publish At:2020-10-22 20:20 | Read:253 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News The Coming Storm 8chan

QAnon/8Chan Sites Briefly Knocked Offline

A phone call to an Internet provider in Oregon on Sunday evening was all it took to briefly sideline multiple websites related to 8chan/8kun — a controversial online image board linked to several mass shootings — and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is running a global child sex-trafficking rin
Publish At:2020-10-19 04:05 | Read:237 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News The Coming Storm 8chan

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation
Publish At:2020-10-08 18:53 | Read:225 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Web Fraud 2.0 domaintoo

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

September featured two stories on a phony tech investor named John Bernard, a pseudonym used by a convicted thief named John Clifton Davies who’s fleeced dozens of technology companies out of an estimated $30 million with the promise of lucrative investments. Those stories prompted a flood of tips from Davies’ victims that paint a much clearer pi
Publish At:2020-10-07 11:41 | Read:268 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Docklands Enterprise Lt

Who is Tech Investor John Bernard?

John Bernard, the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups, appears to be a pseudonym for John Clifton Davies, a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being clea
Publish At:2020-09-30 11:56 | Read:213 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Colette Davies Igor Gub

Who’s Behind Monday’s 14-State 911 Outage?

Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft‘s Azure web services platform, which also was struggling with a widespread outage at the time. However, multiple sources tell KrebsOnSecurity the 911 issues stemme
Publish At:2020-09-30 11:56 | Read:273 | Comments:0 | Tags:A Little Sunshine 911 outage Azure CenturyLink FCC Federal C

Due Diligence That Money Can’t Buy

Most of us automatically put our guard up when someone we don’t know promises something too good to be true. But when the too-good-to-be-true thing starts as our idea, sometimes that instinct fails to kick in. Here’s the story of how companies searching for investors to believe in their ideas can run into trouble. Nick is an investment banker wh
Publish At:2020-09-14 16:39 | Read:405 | Comments:0 | Tags:A Little Sunshine David Bruno Jason Kane Jonathan Bibi Peiff

Sendgrid Under Siege from Hacked Accounts

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution
Publish At:2020-08-28 14:20 | Read:444 | Comments:0 | Tags:A Little Sunshine The Coming Storm CAUCE Invaluement.com Kro

Confessions of an ID Theft Kingpin, Part II

Yesterday’s piece told the tale of Hieu Minh Ngo, a hacker the U.S. Secret Service described as someone who caused more material financial harm to more Americans than any other convicted cybercriminal. Ngo was recently deported back to his home country after serving more than seven years in prison for running multiple identity theft services. He now sa
Publish At:2020-08-27 14:51 | Read:475 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Hieu Minh Ngo identity

Confessions of an ID Theft Kingpin, Part I

At the height of his cybercriminal career, the hacker known as “Hieupc” was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the world’s top data brokers. That is, until his greed and ambition played straight into an elaborate snare set by the U.S. Secret Service. Now, after mor
Publish At:2020-08-26 15:23 | Read:446 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Court Ventures Experian