• Search for:
    12 Jan, 2022
    Who is the Network Access Broker ‘Wazawaka?’
    Cybersecurity , , , , , , , , , , , , , , , , , , , , ,

    In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by Wazawaka, the handle chosen by a major access broker in the Russian-speaking cybercrime scene. …

    Read MoreWho is the Network Access Broker ‘Wazawaka?’

    11 Jan, 2022
    ‘Wormable’ Flaw Leads January 2022 Patch Tuesday
    Cybersecurity , , , , , , , , , , , , , , , ,

    Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another. …

    Read More‘Wormable’ Flaw Leads January 2022 Patch Tuesday

    8 Jan, 2022
    500M Avira Antivirus Users Introduced to Cryptomining
    Cybersecurity , , , , , ,

    Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn’t alone in this dubious endeavor: Avira antivirus — which has built a base of 500 million users worldwide largely by making the product free — was recently bought by the same company that owns Norton 360 and is introducing its customers to a service called Avira Crypto. …

    Read More500M Avira Antivirus Users Introduced to Cryptomining

    6 Jan, 2022
    Norton 360 Now Comes With a Cryptominer
    Cybersecurity , , , , , , , , , ,

    Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that activates the program and enables customers to profit from the scheme — in which the company keeps 15 percent of any currencies mined — is “opt-in,” meaning users have to agree to enable it. But many Norton users complain the mining program is difficult to remove, and reactions from longtime customers have ranged from unease and disbelief to, “Dude, where’s my crypto?” …

    Read MoreNorton 360 Now Comes With a Cryptominer

    29 Dec, 2021
    Happy 12th Birthday, KrebsOnSecurity.com!
    Cybersecurity

    KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site’s birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone. …

    Read MoreHappy 12th Birthday, KrebsOnSecurity.com!

    16 Dec, 2021
    NY Man Pleads Guilty in $20 Million SIM Swap Theft
    Cybersecurity , , , , , , , ,

    A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities. …

    Read MoreNY Man Pleads Guilty in $20 Million SIM Swap Theft

    14 Dec, 2021
    Microsoft Patch Tuesday, December 2021 Edition
    Cybersecurity , , , , , , , , , , , , , , , , , ,

    Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that that is already being actively exploited. But this month’s Patch Tuesday is being overshadowed by the “Log4Shell” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw. …

    Read MoreMicrosoft Patch Tuesday, December 2021 Edition

    14 Dec, 2021
    Inside Ireland’s Public Healthcare Ransomware Scare
    Cybersecurity , , , , , , , , ,

    The accounting firm PricewatersCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware. It also found affected hospitals had tens of thousand of outdated Windows 7 systems, and that the health system’s IT administrators failed to respond to multiple warning signs that a massive attack was imminent. …

    Read MoreInside Ireland’s Public Healthcare Ransomware Scare

    8 Dec, 2021
    Canada Charges Its “Most Prolific Cybercriminal”
    Cybersecurity , , , , , , , , , , , ,

    A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Canadian authorities describe him as “the most prolific cybercriminal we’ve identified in Canada,” but so far they’ve released few other details about the investigation or the defendant. Helpfully, an email address and nickname apparently connected to the accused offer some additional clues. …

    Read MoreCanada Charges Its “Most Prolific Cybercriminal”