The Coming Storm – PossibleThreat Articles

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

February 28, 2025 0 Comments A Little Sunshine, alfa bank, bearhost, gootloader, interisle consulting group, intrinsec, kaspersky lab, kentik, Ne'er-Do-Well News, prospero ooo, Ransomware, securehost, silent push, SocGholish, spamhaus, The Coming Storm, zach edwards

Credit to Author: BrianKrebs| Date: Fri, 28 Feb 2025 20:14:58 +0000

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned.

Independent Krebs Security

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

February 28, 2025 0 Comments A Little Sunshine, bruce schneier, bybit, christopher stanley, Coinbase, conservative political action conference, consumer financial protection bureau, cybersecurity and infrastructure security agency, davi ottenheimer, department of government efficiency, department of homeland security, Department of Justice, edward coristine, gavin kliger, global investigative journalism network, hunter labs, internal revenue service, jacob silverman, jacob williams, katie arrington, kleptocapture task force, kleptocracy asset recovery initiative, Latest Warnings, leland dudek, lizardstresser, michelle king, natalya martynova, national institute of standards and technology, national treasury employees union, office of management and budget, office of personnel management, organized crime and corruption reporting project, president donald trump, project 2025, rep. andy ogles, russia's war on ukraine, sean cairncross, social security administration, starlink, The Coming Storm, treasury department, u.s. agency for international development, u.s. foreign corrupt practices act, U.S. Securities and Exchange Commission, valery martynov, vladimir putin, volodymyr zelensky

Credit to Author: BrianKrebs| Date: Sun, 23 Feb 2025 23:02:14 +0000

One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world’s richest man to wrest control over their networks and data.

Independent Krebs Security

How Phished Data Turns into Apple & Google Wallets

February 28, 2025 0 Comments A Little Sunshine, All About Skimmers, andy chandler, Apple, csis security group, ford merrill, ghost tap, Google, grant smith, imessage, m3aawg, rcs, resecurity, secalliance, smishing, The Coming Storm, threatfabric, Web Fraud 2.0, znfc

Credit to Author: BrianKrebs| Date: Tue, 18 Feb 2025 18:37:26 +0000

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Independent Krebs Security

Teen on Musk’s DOGE Team Graduated from ‘The Com’

February 7, 2025 0 Comments A Little Sunshine, as400495, backconnect security llc, curtis gervais, diamondcdn, director of national intelligence, doge, dstat, edward coristine, elon musk, eric taylor, marshal webb, Ne'er-Do-Well News, neuralink, packetware, path networks, president trump, rivage, tesla sexy llc, the com, The Coming Storm, tucker preston, wired

Credit to Author: BrianKrebs| Date: Sat, 08 Feb 2025 00:32:53 +0000

Wired reported this week that a 19-year-old working for Elon Musk’s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a former denizen of ‘The Com,’ an archipelago of Discord and Telegram chat channels that function as a kind of distributed cybercriminal social network for facilitating instant collaboration.

Independent Krebs Security

Experts Flag Security, Privacy Risks in DeepSeek AI App

February 6, 2025 0 Comments A Little Sunshine, andrew hoog, app transport security, Apple, Artificial intelligence, bytedance, china, deepseek, deepseek ai, iOS, Latest Warnings, nowsecure, The Coming Storm, volcengine

Credit to Author: BrianKrebs| Date: Thu, 06 Feb 2025 21:12:30 +0000

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks.

Independent Krebs Security

A Tumultuous Week for Federal Cybersecurity Efforts

January 27, 2025 0 Comments A Little Sunshine, alfa bank, david sacks, house judiciary committee's select subcommittee on the weaponization of the federal government, jack goldsmith, joe hall, john durham, lawfare, melania trump, michael sussman, president trump, quinta jurecic, rep. jim jordan, The Coming Storm, united states council on transnational organized crime, world liberty financial

Credit to Author: BrianKrebs| Date: Tue, 28 Jan 2025 02:50:10 +0000

President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation’s cybersecurity posture. The president fired all advisors from the Department of Homeland Security’s Cyber Safety Review Board, called for the creation of a strategic cryptocurrency reserve, and voided a Biden administration action that sought to reduce the risks that artificial intelligence poses to consumers, workers and national security.

Independent Krebs Security

Microsoft: Happy 2025. Here’s 161 Security Updates

January 14, 2025 0 Comments adam barnett, bitlocker, bob hopkins, cve-2024-49142, cve-2025-21186, cve-2025-21210, cve-2025-21298, cve-2025-21311, cve-2025-21333, cve-2025-21334, cve-2025-21335, cve-2025-21366, cve-2025-21395, kev breen, Latest Warnings, microsoft access, microsoft patch tuesday january 2025, rapid7, satnam narang, The Coming Storm, Time to Patch, unpatched.ai, windows 11, windows hyper-v, windows ntlmv1

Credit to Author: BrianKrebs| Date: Tue, 14 Jan 2025 22:50:00 +0000

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.

Independent Krebs Security

A Day in the Life of a Prolific Voice Phishing Crew

January 7, 2025 0 Comments 800-275-2273, A Little Sunshine, allison nixon, aristotle, autodoxers, Coinbase, crypto chameleon, discord, domaintools, Latest Warnings, lookout, mark cuban, okta, perm, shark tank, star fraud, stotle, telegram, The Coming Storm, trezor, unit 221b, voice phishing, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 07 Jan 2025 23:41:53 +0000

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.

Independent Krebs Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

December 19, 2024 0 Comments A Little Sunshine, acunetix, altug sara, altugsara321@gmail.com, araneida scanner, bilitro yazilim, Breadcrumbs, domaintools, Fin7, invicti security, matt sciberras, Ne'er-Do-Well News, neil roseman, ori0nbusiness@protonmail.com, silent push, The Coming Storm, u.s. department of health and human services, zach edwards

Credit to Author: BrianKrebs| Date: Thu, 19 Dec 2024 17:07:30 +0000

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey.

Independent Krebs Security

Why Phishers Love New TLDs Like .shop, .top and .xyz

December 3, 2024 0 Comments @chenlun, A Little Sunshine, and mobile anti-abuse working group, Anti-Phishing Working Group, coalition against unsolicited commercial email, icann, interisle consulting, internet corporation for assigned names and numbers, john levine, Latest Warnings, malware, messaging, new gtlds, phishing, Spam, The Coming Storm, u.s. postal service

Credit to Author: BrianKrebs| Date: Tue, 03 Dec 2024 13:27:31 +0000

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.

← Previous