Krebs – Page 2 – PossibleThreat Articles

Lamborghini Carjackers Lured by $243M Cyberheist

October 9, 2024 0 Comments A Little Sunshine, angel "chi chi" borrero, anydesk, Breadcrumbs, gemini, jeandiel "box" serrano, malone "greavys" lam, Ne'er-Do-Well News, pantic, reynaldo "rey" diaz, SIM swapping, swag, the com, veer chetal, Web Fraud 2.0, wiz, zachxbt

Credit to Author: BrianKrebs| Date: Wed, 09 Oct 2024 17:36:27 +0000

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later, while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom.

Independent Krebs Security

Patch Tuesday, October 2024 Edition

October 8, 2024 0 Comments .net, Adobe, adobe framemaker, adobe substance 3d painter, animate, Apple, Azure, commerce, cve-2024-43572, cve-2024-43573, dimension, elastic security labs, grimresource, immersive labs, incopy, indesign, Latest Warnings, lightroom, macos 15, mshtml, nikolas cemerikic, office, openssh for windows; power bi; windows hyper-v; windows mobile broadband, satnam narang, security tools, sequoia, substance 3d stager, tenable, Time to Patch, visual studio

Credit to Author: BrianKrebs| Date: Tue, 08 Oct 2024 22:21:19 +0000

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 “Sequoia” update that broke many cybersecurity tools.

Independent Krebs Security

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

October 3, 2024 0 Comments A Little Sunshine, anthropic, AWS, bedrock, chub ai, github, ian ahl, lore, nsfl, permiso security, sysdig, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 03 Oct 2024 13:05:52 +0000

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape.

Independent Krebs Security

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

September 30, 2024 0 Comments A Little Sunshine, assad faiq, cosmothegod, dream agency, enzo zellocchi, eric taylor, facebook, FBI, iris au, kenneth childs, ledger breach, mir islam, Ne'er-Do-Well News, rise agency, shopify, SIM swapping, tassilo heinrich, the godfather, tomi masters, troy woody jr., vurg, Web Fraud 2.0, zort

Credit to Author: BrianKrebs| Date: Mon, 30 Sep 2024 21:33:10 +0000

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man’s alleged targets were members of UGNazi, a hacker group behind multiple high-profile breaches and cyberattacks back in 2012.

Independent Krebs Security

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

September 26, 2024 0 Comments A Little Sunshine, alex holden, arpa plus, briansclub, chainanlysis, cryptex, cs proxy solutions cy, dark angels, financial crimes enforcement network, Hold Security, home depot breach, Joker's stash, liberty reserve, mazafaka, Ne'er-Do-Well News, novaya gazeta, orbest investments lp, organized crime and corruption project, perfect money, pinpays, pm2btc, progate solutions, rich sanders, rm everton ltd, sergey sergeevich ivanov, sergey sergeevich omelnitskii, taleon, target breach, The Coming Storm, the laundromat, timur kamilevich shakhmametov, u.s. department of justice, uaps, universal anonymous payment system, unlimited cashouts, v1pee, vega, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 26 Sep 2024 14:54:07 +0000

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks.

Independent Krebs Security

Timeshare Owner? The Mexican Drug Cartels Want You

September 25, 2024 0 Comments A Little Sunshine, Breadcrumbs, constella intelligence, datasur host, escshieldsecurity network, jalisco drug cartel, Latest Warnings, Ne'er-Do-Well News, telemarketing scams, timeshare scams

Credit to Author: BrianKrebs| Date: Wed, 25 Sep 2024 16:26:12 +0000

The FBI is warning timeshare owners to be wary of a prevalent telemarketing scam involving a violent Mexican drug cartel that tries to trick elderly people into believing someone wants to buy their property. This is the story of a couple who recently lost more than $50,000 to an ongoing timeshare scam that spans at least two dozen phony escrow, title and realty firms.

Independent Krebs Security

This Windows PowerShell Phish Has Scary Potential

September 19, 2024 0 Comments A Little Sunshine, captcha, github, Latest Warnings, lumma stealer, microsoft powershell, virustotal.com, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 19 Sep 2024 19:39:09 +0000

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows user.

Independent Krebs Security

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

September 18, 2024 0 Comments 148.251.54.196, A Little Sunshine, apkdownloadweb, Breadcrumbs, constella intelligence, domaintools, facebook funeral scams, Latest Warnings, mohammod abdullah khondokar, mohammod mehedi hasan, Web Fraud 2.0, webhostbd

Credit to Author: BrianKrebs| Date: Wed, 18 Sep 2024 13:43:51 +0000

Scammers are flooding Facebook with groups that purport to offer video streaming of funeral services for the recently deceased. Friends and family who follow the links for the streaming services are then asked to cough up their credit card information. Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook. Here’s a closer look at the size of this scheme, and some findings about who may be responsible.

Independent Krebs Security

The Dark Nexus Between Harm Groups and ‘The Com’

September 13, 2024 0 Comments 2992, 303, 404, 545, 555, 6996, 7997, 8884, advance auto parts, ali winston, alphv, aspertaine, AT&T, beige group, black cat, bloomberg, breachforums, Breadcrumbs, chumlul, court, CrowdStrike, cultist, cvlt, der spiegel, discord, doxbin, ea games, h3ll, harm nation, james thomas andrew mccarty, judische, kalana limkin, kaskar, kayte, kingbob, kt, kya christian nelson, leak society, lending tree, mandiant, mark rasch, mgm resorts, Microsoft, minecraft, Ne'er-Do-Well News, neiman marcus, nicholas "convict" ceraolo, nmk, noah michael urban, NVIDIA, okta, owen david flowers, pompompurin, rcmp, recorder, roblox, royal canadian mounted police, sagar "weep" singh, Samsung, santander bank, scattered spider, SIM swapping, slit town, snowflake, sosa, star chat, steam, SWATting, T-Mobile, telegram, the com, the washington post, Ticketmaster, twitch, u.s. department of justice, u.s. drug enforcement agency, unc5537, unit 221b, vile, violence-as-a-service, vsphere, waifu, Web Fraud 2.0, wired

Credit to Author: BrianKrebs| Date: Fri, 13 Sep 2024 12:16:45 +0000

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Independent Krebs Security

Bug Left Some Windows PCs Dangerously Unpatched

September 12, 2024 0 Comments cve-2024-38217, cve-2024-38226, cve-2024-43491, immersive labs, kev breen, mark of the web, Microsoft, Microsoft Office, patch tuesday september 2024, rapid7, satnam narang, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 10 Sep 2024 21:46:21 +0000

Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.