A Little Sunshine – Page 4 – PossibleThreat Articles

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

July 15, 2024 0 Comments A Little Sunshine, Data Breaches, google domains, Latest Warnings, metamask, paradigm, squarespace, taylor monahan, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 15 Jul 2024 15:24:46 +0000

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

Independent Krebs Security

Crooks Steal Phone, SMS Records for Nearly All AT&T Customers

July 12, 2024 0 Comments A Little Sunshine, advance auto parts, allstate, anheuser-busch, at&t breach, Data Breaches, FBI, Latest Warnings, los angeles unified, mitsubishi, neiman marcus, progressive, pure storage, santander bank, snowflake hack, state farm, techcrunch, Ticketmaster, U.S. Securities and Exchange Commission, wired

Credit to Author: BrianKrebs| Date: Fri, 12 Jul 2024 18:12:20 +0000

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Independent Krebs Security

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

June 20, 2024 0 Comments 617-794-0001, A Little Sunshine, aleksej gubarev, andtop company, atlas data privacy corp., barsky.com, better business bureau, bitseller expert limited, boston law group, Breadcrumbs, buzzfeed, constella intelligence, difive.com, dmitry lubarsky, domaintools.com, gary norden, gn@difive.com, humanbook, igor lubarsky, pavel kaydash, radaris, radaris.com, steele dossier, trustoria.com, val gurvits, webzilla, xbt holding

Credit to Author: BrianKrebs| Date: Thu, 20 Jun 2024 19:16:01 +0000

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its inception is a fabricated identity.

Independent Krebs Security

Stark Industries Solutions: An Iron Hammer in the Cloud

May 23, 2024 0 Comments A Little Sunshine, andrey nesterenko, arbor, as44477, blue charlie, Breadcrumbs, callisto group, coldriver, comcast cable communications, computer technologies institute ltd, constella intelligence, correctiv.org, DDoS-for-hire, ddosia, dfyz, dfyz_bk@bk.ru, don chicho, egihosting, eset, federal state autonomous educational establishment of additional professional education center of realization of state educational policy and informational technologies, green floid llc, information technology laboratories group, innovation it solutions corp, integrated technologies laboratory, intel 471, internet research agency, itl llc, jeffrey carr, lockbit, max tulyev, mercenaries team, mirhosting, netassist, netscout, noname057(16), perfect quality hosting, pq hosting plus s.r.l., prolocation, proxyline, raymond dijkxhoorn, recorded future, richard hummel, russia's war on ukraine, seaborgium, serverius-as, spamhaus, stark industries solutions, surbl, team cymru, ukrinform

Credit to Author: BrianKrebs| Date: Thu, 23 May 2024 23:32:43 +0000

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

Independent Krebs Security

Why Your Wi-Fi Router Doubles as an Apple AirTag

May 21, 2024 0 Comments A Little Sunshine, Apple, bssid, david levin, erik rye, ieee, Latest Warnings, security tools, starlink, The Coming Storm, university of maryland, wi-fi location

Credit to Author: BrianKrebs| Date: Tue, 21 May 2024 16:21:20 +0000

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

Independent Krebs Security

How Did Authorities Identify the Alleged Lockbit Boss?

May 13, 2024 0 Comments 3k@xakep.ru, 7.9521020220, A Little Sunshine, antichat, Breadcrumbs, cerber, constella intelligence, d.horoshev@gmail.com, dmitrij ju horoshev, dmitry yuriyevich khoroshev, Exploit, icq number 669316, intel 471, khoroshev1@icloud.com, lockbit, lockbitsupp, Ne'er-Do-Well News, nerowolfe, pin@darktower.su, putinkrab, Ransomware, Ransomware as a Service, sitedev5@yandex.ru, stairwell.ru, tkaner.com, u.s. department of the treasury, verified

Credit to Author: BrianKrebs| Date: Mon, 13 May 2024 11:26:27 +0000

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.

Independent Krebs Security

U.S. Charges Russian Man as Boss of LockBit Ransomware Group

May 7, 2024 0 Comments A Little Sunshine, dmitry yuryevich khoroshev, lockbitsupp, Ne'er-Do-Well News, russia's war on ukraine, u.s. attorney philip r. sellinger, u.s. department of justice, Дмитрий Юрьевич Хорошев

Credit to Author: BrianKrebs| Date: Tue, 07 May 2024 17:36:14 +0000

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev as the gang’s leader “LockbitSupp,” and charged him with using Lockbit to attack more than 2,000 victims and extort at least $100 million in ransomware payments.

Independent Krebs Security

Why Your VPN May Not Be As Secure As It Claims

May 6, 2024 0 Comments A Little Sunshine, bill woodcock, dani cronce, dhcp option 121, dhcp starvation attack, dynamic host control protocol, john kristoff, Latest Warnings, leviathan security, lizzie moratti, packet clearing house, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 06 May 2024 14:24:47 +0000

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

Independent Krebs Security

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

April 22, 2024 0 Comments A Little Sunshine, alexander kovalev, artem zaitsev, federal security service (fsb), ferum shop, get-net llc, grigory tsaregorodtsev, Ne'er-Do-Well News, sky-fraud, trump's-dumps, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 22 Apr 2024 20:07:56 +0000

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps.

Independent Krebs Security

Crickets from Chirp Systems in Smart Lock Key Leak

April 15, 2024 0 Comments A Little Sunshine, august.com, chirp systems, Latest Warnings, matt brown, ProPublica, realpage inc., security tools, u.s. cybersecurity & infrastructure security agency

Credit to Author: BrianKrebs| Date: Mon, 15 Apr 2024 14:51:17 +0000

The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.