Latest Warnings – PossibleThreat Articles

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

January 16, 2025 0 Comments @chenlun, A Little Sunshine, csis security group, ezdrivema, FBI, ford merrill, IC3, imessage, Latest Warnings, lighthouse, massdot, north texas toll authority, rcs, secalliance, smishing, sms phishing, sunpass, the toll roads, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 16 Jan 2025 21:18:48 +0000

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.

Independent Krebs Security

Microsoft: Happy 2025. Here’s 161 Security Updates

January 14, 2025 0 Comments adam barnett, bitlocker, bob hopkins, cve-2024-49142, cve-2025-21186, cve-2025-21210, cve-2025-21298, cve-2025-21311, cve-2025-21333, cve-2025-21334, cve-2025-21335, cve-2025-21366, cve-2025-21395, kev breen, Latest Warnings, microsoft access, microsoft patch tuesday january 2025, rapid7, satnam narang, The Coming Storm, Time to Patch, unpatched.ai, windows 11, windows hyper-v, windows ntlmv1

Credit to Author: BrianKrebs| Date: Tue, 14 Jan 2025 22:50:00 +0000

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.

Independent Krebs Security

A Day in the Life of a Prolific Voice Phishing Crew

January 7, 2025 0 Comments 800-275-2273, A Little Sunshine, allison nixon, aristotle, autodoxers, Coinbase, crypto chameleon, discord, domaintools, Latest Warnings, lookout, mark cuban, okta, perm, shark tank, star fraud, stotle, telegram, The Coming Storm, trezor, unit 221b, voice phishing, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 07 Jan 2025 23:41:53 +0000

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.

Independent Krebs Security

How to Lose a Fortune with Just One Bad Click

December 18, 2024 0 Comments (650) 203-0000, A Little Sunshine, Coinbase, daniel from google, gemini ai, Google Assistant, google docs, google forms, google photos, graham cluely, junseth, Latest Warnings, minecraft, Ne'er-Do-Well News, swancoin, trezor, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 18 Dec 2024 13:17:59 +0000

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Independent Krebs Security

Why Phishers Love New TLDs Like .shop, .top and .xyz

December 3, 2024 0 Comments @chenlun, A Little Sunshine, and mobile anti-abuse working group, Anti-Phishing Working Group, coalition against unsolicited commercial email, icann, interisle consulting, internet corporation for assigned names and numbers, john levine, Latest Warnings, malware, messaging, new gtlds, phishing, Spam, The Coming Storm, u.s. postal service

Credit to Author: BrianKrebs| Date: Tue, 03 Dec 2024 13:27:31 +0000

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.

Independent Krebs Security

Fintech Giant Finastra Investigating Data Breach

November 19, 2024 0 Comments abyss0, breachforums, Data Breaches, finastra, ke-la.com, Latest Warnings, Ne'er-Do-Well News, The Coming Storm

Credit to Author: BrianKrebs| Date: Wed, 20 Nov 2024 01:12:15 +0000

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of a potential breach after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.

Independent Krebs Security

FBI: Spike in Hacked Police Emails, Fake Subpoenas

November 9, 2024 0 Comments A Little Sunshine, emergency data request, fake edr, FBI, kodex, Latest Warnings, matt donahue, pwnstar, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sat, 09 Nov 2024 19:20:26 +0000

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies.

Independent Krebs Security

Booking.com Phishers May Leave You With Reservations

November 1, 2024 0 Comments A Little Sunshine, booking.com, Latest Warnings, phishing, secureworks, spear phishing, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 01 Nov 2024 21:12:38 +0000

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website.

Independent Krebs Security

Change Healthcare Breach Hits 100M Americans

October 30, 2024 0 Comments alphv, anthem inc., blackcat, Data Breaches, Equifax, experian, hipaa journal, idx, Latest Warnings, ransomhub, sen. mark warner, sen. ron wyden, The Coming Storm, transunion, u.s. department of health and human resources, united health group

Credit to Author: BrianKrebs| Date: Wed, 30 Oct 2024 13:34:08 +0000

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information.

Independent Krebs Security

The Global Surveillance Free-for-All in Mobile Ad Data

October 23, 2024 0 Comments A Little Sunshine, accuweather, adx, android advertising id, app tracking transparency, Apple, associated press, bid request, br24, daniel's law, Electronic Frontier Foundation, eva galperin, fog reveal, gasbuddy, Google, grindr, identifier for advertisers, judge andrew f. wilkinson judicial security act, justin sherman, justyna maloney, Latest Warnings, macy's, maid, mobile advertising id, myfitnesspal, netzpolitik.org, scott maloney, sen. ron wyden, silentpush, tangles, The Coming Storm, troutman pepper, U.S. Securities and Exchange Commission, webloc, zach edwards

Credit to Author: BrianKrebs| Date: Wed, 23 Oct 2024 11:30:18 +0000

Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only be in the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites.

← Previous