The Coming Storm – Page 2 – PossibleThreat Articles

Phish-Friendly Domain Registry “.top” Put on Notice

July 23, 2024 0 Comments .top, A Little Sunshine, Anti-Phishing Working Group, dave piscitello, interisle consulting group, internet corporation for assigned names and numbers, jiangsu bangning science & technology co. ltd, Latest Warnings, The Coming Storm

Credit to Author: BrianKrebs| Date: Tue, 23 Jul 2024 19:41:51 +0000

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”

Independent Krebs Security

‘Operation Endgame’ Hits Malware Delivery Platforms

May 30, 2024 0 Comments 911 s5, europol, icedid, lockbit, matt burgess, Ne'er-Do-Well News, operation endgame, Ransomware, smokeloader, The Coming Storm, trickbot

Credit to Author: BrianKrebs| Date: Thu, 30 May 2024 15:19:44 +0000

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.

Independent Krebs Security

Why Your Wi-Fi Router Doubles as an Apple AirTag

May 21, 2024 0 Comments A Little Sunshine, Apple, bssid, david levin, erik rye, ieee, Latest Warnings, security tools, starlink, The Coming Storm, university of maryland, wi-fi location

Credit to Author: BrianKrebs| Date: Tue, 21 May 2024 16:21:20 +0000

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

Independent Krebs Security

Why Your VPN May Not Be As Secure As It Claims

May 6, 2024 0 Comments A Little Sunshine, bill woodcock, dani cronce, dhcp option 121, dhcp starvation attack, dynamic host control protocol, john kristoff, Latest Warnings, leviathan security, lizzie moratti, packet clearing house, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 06 May 2024 14:24:47 +0000

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

Independent Krebs Security

Why CISA is Warning CISOs About a Breach at Sisense

April 15, 2024 0 Comments A Little Sunshine, Data Breaches, nicholas weaver, sangram dash, sisense breach, The Coming Storm, u.s. cybersecurity and infrastructure security agency

Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2024 20:48:06 +0000

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.

Independent Krebs Security

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

April 15, 2024 0 Comments A Little Sunshine, Apple, apple recovery key, kishan bagaria, Latest Warnings, mfa bombing, mfa fatigue, parth patel, peopledatalabs, The Coming Storm

Credit to Author: BrianKrebs| Date: Tue, 26 Mar 2024 15:37:54 +0000

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code.

Independent Krebs Security

Incognito Darknet Market Mass-Extorts Buyers, Sellers

March 11, 2024 0 Comments A Little Sunshine, brett johnson, double extortion, exit scam, incognito market, Ne'er-Do-Well News, shadowcrew, The Coming Storm

Credit to Author: BrianKrebs| Date: Mon, 11 Mar 2024 16:19:36 +0000

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.

Independent Krebs Security

Canadian Man Stuck in Triangle of E-Commerce Fraud

January 19, 2024 0 Comments A Little Sunshine, adavio, amazon.ca, duncan's first nation, rcmp, royal canadian mounted police, The Coming Storm, timothy barker, triangulation fraud, walmart, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 19 Jan 2024 15:34:53 +0000

A Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve “triangulation fraud,” which occurs when a consumer purchases something online — from a seller on Amazon or eBay, for example — but the seller doesn’t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam, the unwitting buyer pays the scammer and receives what they ordered, and very often the only party left to dispute the transaction is the owner of the stolen payment card.

Independent Krebs Security

Here’s Some Bitcoin: Oh, and You’ve Been Served!

January 13, 2024 0 Comments A Little Sunshine, Coinbase, ethan mora, judge helena m. march-kuchta, mark rasch, nick bax, ryan dellone, SIM swapping, The Coming Storm

Credit to Author: BrianKrebs| Date: Wed, 10 Jan 2024 13:39:37 +0000

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized… Read More »

Independent Krebs Security

Microsoft Patch Tuesday, December 2023 Edition

December 12, 2023 0 Comments cve-2023-35628, cve-2023-35636, cve-2023-35641, immersive labs, kevin breen, Latest Warnings, microsoft patch tuesday december 2023, satnam narang, tenable, The Coming Storm, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 12 Dec 2023 22:21:00 +0000

The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known “zero-day” threats targeting any of the vulnerabilities in December’s patch batch. Still, four of the updates pushed out today address “critical” vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users.