The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...
Patch Tuesday, December 2019 Edition
Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control...
CISO Magazine Honors KrebsOnSecurity
CISO Magazine, a publication dedicated to covering issues near and dear to corporate chief information security officers everywhere, has graciously awarded this author the designation of “Cybersecurity Person of the Year” in its December 2019 issue.
KrebsOnSecurity is grateful for...
Ransomware at Colorado IT Provider Affects 100+ Dental Offices
A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned.
Multiple sources affected say their IT provider, Englewood, Colo....
Apple Explains Mysterious iPhone 11 Location Requests
KrebsOnSecurity ran a story this week that puzzled over Apple‘s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications...
The iPhone 11 Pro’s Location Data Puzzler
One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data....
It’s Way Too Easy to Get a .gov Domain Name
Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending...
Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains
On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards...
Hidden Cam Above Bluetooth Pump Skimmer
Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I’d never heard of hidden cameras being used...
110 Nursing Homes Cut Off from Health Records in Ransomware Attack
A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing...
DDoS-for-Hire Boss Gets 13 Months Jail Time
A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. This individual’s sentencing comes more than five years after KrebsOnSecurity interviewed both the...
Ransomware Bites 400 Veterinary Hospitals
National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating...
Why Were the Russians So Set Against This Hacker Being Extradited?
The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia —...
Orcus RAT Author Charged in Malware Scheme
In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This...
Patch Tuesday, November 2019 Edition
Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and programs that run on top of it. The November updates include patches for a...
Pensacola confirms ransomware attack
Pensacola
officials confirmed that an ongoing
cyberattack that began early Saturday morning is a ransomware attack.
While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...
Trickbot Operators Now Selling Attack Tools to APT Actors
North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...
Intel Issues Fix for ‘Plundervolt’ SGX Flaw
Researchers were able to extract AES encryption key using SGX's voltage-tuning function.
How to stop spam calls right now
Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.
