HackDig : Dig high-quality web security articles for hackers

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has le
Publish At:2020-08-06 19:42 | Read:75 | Comments:0 | Tags:Data Breaches The Coming Storm COVID-19 Derek Dubner Economi

Is Your Chip Card Secure? Much Depends on Where You Bank

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented th
Publish At:2020-07-30 15:20 | Read:139 | Comments:0 | Tags:All About Skimmers Latest Warnings The Coming Storm chip car

Business ID Theft Soars Amid COVID Closures

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. This story is about the victims of a particularly aggressive business ID theft ring that’s spent years targeti
Publish At:2020-07-27 19:55 | Read:64 | Comments:0 | Tags:Target: Small Businesses The Coming Storm alex holden busine

NY Charges First American Financial for Massive Data Leak

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in conn
Publish At:2020-07-23 15:57 | Read:76 | Comments:0 | Tags:Data Breaches The Coming Storm First American Financial Corp

Breached Data Indexer ‘Data Viper’ Hacked

Data Viper, a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The hackers also claim they are selling on the dark web roughly 2 billion records Data Viper collated from numerous breaches and data leaks,
Publish At:2020-07-13 20:27 | Read:185 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News The Coming Storm Apollo

COVID-19 ‘Breach Bubble’ Waiting to Pop?

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both tr
Publish At:2020-06-30 12:01 | Read:184 | Comments:0 | Tags:Data Breaches The Coming Storm Andrew Barratt Chicken Expres

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collect
Publish At:2020-06-22 03:10 | Read:211 | Comments:0 | Tags:Data Breaches The Coming Storm BlueLeaks Distributed Denial

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service. A memo seen by KrebsOnSecurity that the Secret Service circulated to field off
Publish At:2020-05-18 13:12 | Read:204 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Coronavirus C

When in Doubt: Hang Up, Look Up, & Call Back

Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an
Publish At:2020-05-03 09:35 | Read:581 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm

Sipping from the Coronavirus Domain Firehose

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing press
Publish At:2020-04-16 13:00 | Read:499 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 CAUCE Centers

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it’s helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, t
Publish At:2020-04-15 13:50 | Read:564 | Comments:0 | Tags:The Coming Storm COVID-19 Cyber Threat Coalition Cyber Threa

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

The U.S. federal government is now in the process of sending Economic Impact Payments by direct deposit to millions of Americans. Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to
Publish At:2020-04-10 19:13 | Read:784 | Comments:0 | Tags:Latest Warnings The Coming Storm Economic Impact Payment Int

‘War Dialing’ Tool Exposes Zoom’s Password Problems

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t bel
Publish At:2020-04-02 11:45 | Read:530 | Comments:0 | Tags:A Little Sunshine The Coming Storm Time to Patch Dave Kenned

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering
Publish At:2020-04-01 00:40 | Read:500 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm Chris Uel

The Web’s Bot Containment Unit Needs Your Help

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization th
Publish At:2020-03-16 10:04 | Read:521 | Comments:0 | Tags:The Coming Storm Cisco Systems Richard Perlotto Shadowserver

Tools

Tag Cloud