A Little Sunshine – Page 5 – PossibleThreat Articles

Why Your Wi-Fi Router Doubles as an Apple AirTag

May 21, 2024 0 Comments A Little Sunshine, Apple, bssid, david levin, erik rye, ieee, Latest Warnings, security tools, starlink, The Coming Storm, university of maryland, wi-fi location

Credit to Author: BrianKrebs| Date: Tue, 21 May 2024 16:21:20 +0000

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

Independent Krebs Security

How Did Authorities Identify the Alleged Lockbit Boss?

May 13, 2024 0 Comments 3k@xakep.ru, 7.9521020220, A Little Sunshine, antichat, Breadcrumbs, cerber, constella intelligence, d.horoshev@gmail.com, dmitrij ju horoshev, dmitry yuriyevich khoroshev, Exploit, icq number 669316, intel 471, khoroshev1@icloud.com, lockbit, lockbitsupp, Ne'er-Do-Well News, nerowolfe, pin@darktower.su, putinkrab, Ransomware, Ransomware as a Service, sitedev5@yandex.ru, stairwell.ru, tkaner.com, u.s. department of the treasury, verified

Credit to Author: BrianKrebs| Date: Mon, 13 May 2024 11:26:27 +0000

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.

Independent Krebs Security

U.S. Charges Russian Man as Boss of LockBit Ransomware Group

May 7, 2024 0 Comments A Little Sunshine, dmitry yuryevich khoroshev, lockbitsupp, Ne'er-Do-Well News, russia's war on ukraine, u.s. attorney philip r. sellinger, u.s. department of justice, Дмитрий Юрьевич Хорошев

Credit to Author: BrianKrebs| Date: Tue, 07 May 2024 17:36:14 +0000

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev as the gang’s leader “LockbitSupp,” and charged him with using Lockbit to attack more than 2,000 victims and extort at least $100 million in ransomware payments.

Independent Krebs Security

Why Your VPN May Not Be As Secure As It Claims

May 6, 2024 0 Comments A Little Sunshine, bill woodcock, dani cronce, dhcp option 121, dhcp starvation attack, dynamic host control protocol, john kristoff, Latest Warnings, leviathan security, lizzie moratti, packet clearing house, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 06 May 2024 14:24:47 +0000

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

Independent Krebs Security

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

April 22, 2024 0 Comments A Little Sunshine, alexander kovalev, artem zaitsev, federal security service (fsb), ferum shop, get-net llc, grigory tsaregorodtsev, Ne'er-Do-Well News, sky-fraud, trump's-dumps, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 22 Apr 2024 20:07:56 +0000

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps.

Independent Krebs Security

Crickets from Chirp Systems in Smart Lock Key Leak

April 15, 2024 0 Comments A Little Sunshine, august.com, chirp systems, Latest Warnings, matt brown, ProPublica, realpage inc., security tools, u.s. cybersecurity & infrastructure security agency

Credit to Author: BrianKrebs| Date: Mon, 15 Apr 2024 14:51:17 +0000

The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

Independent Krebs Security

Why CISA is Warning CISOs About a Breach at Sisense

April 15, 2024 0 Comments A Little Sunshine, Data Breaches, nicholas weaver, sangram dash, sisense breach, The Coming Storm, u.s. cybersecurity and infrastructure security agency

Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2024 20:48:06 +0000

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.

Independent Krebs Security

Fake Lawsuit Threat Exposes Privnote Phishing Sites

April 15, 2024 0 Comments A Little Sunshine, alexandr ermakov, andrey sokol, Breadcrumbs, fory66399, hkleaks, Latest Warnings, metamask, privnote, privnote.com, russia's war on ukraine, taylor monahan, tornote.io, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 04 Apr 2024 14:12:16 +0000

A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers.

Independent Krebs Security

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

April 15, 2024 0 Comments A Little Sunshine, bluebtcus@gmail.com, Breadcrumbs, domaintools.com, fudco, fudpage, fudsender, fudtools, heartsender, Ne'er-Do-Well News, saim raza, the manipulaters, we code solutions, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 03 Apr 2024 13:16:25 +0000

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “The Manipulaters,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities.

Independent Krebs Security

Thread Hijacking: Phishes That Prey on Your Curiosity

April 15, 2024 0 Comments A Little Sunshine, adam kidan, brett sholtis, empire workforce solutions, lancasteronline.com, Latest Warnings, multi-persona phishing, Ne'er-Do-Well News, phishing, proofpoint, ryan kalember, thread hijacking, tom murse, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 28 Mar 2024 23:56:13 +0000

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here’s the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop.