Web Fraud 2.0 – Page 2 – PossibleThreat Articles

Owners of 1-Time Passcode Theft Service Plead Guilty

September 12, 2024 0 Comments A Little Sunshine, aza siddeeque, callum picari, national crime agency, Ne'er-Do-Well News, otp agency, RaidForums, smsranger, vijayasidhurshan vijayanathan, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 02 Sep 2024 16:46:35 +0000

Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was a service for intercepting one-time passwords needed to log in to various websites. Scammers would enter the target’s phone number and name, and the service would initiate an automated phone call to the target that alerts them about unauthorized activity on their account.

Independent Krebs Security

Local Networks Go Global When Domain Names Collide

August 23, 2024 0 Comments A Little Sunshine, active directory, andorra, dns name devolution, Latest Warnings, memphis real-time crime center, memrtcc.ad, mike barlow, mike o'connor, namespace collision, philippe caturegli, seralys, The Coming Storm, Web Fraud 2.0, web proxy auto-discovery protocol, wpad.ad, wpad.dk

Credit to Author: BrianKrebs| Date: Fri, 23 Aug 2024 14:12:31 +0000

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size of this insidious problem.

Independent Krebs Security

Don’t Let Your Domain Name Become a “Sitting Duck”

July 31, 2024 0 Comments A Little Sunshine, apwg, dave mitchell, digicert, digital ocean, dnsmadeeasy, eclypsium, Hostinger, infoblox, Latest Warnings, matthew bryant, sitting duck domains, steve job, Time to Patch, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 31 Jul 2024 12:06:45 +0000

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds.

Independent Krebs Security

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

July 26, 2024 0 Comments A Little Sunshine, anu yamunan, dropbox, Google, google workspace, Latest Warnings, sign in with google, Slack, squarespace, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 26 Jul 2024 21:31:54 +0000

Google says it recently fixed an authentication weakness that allowed crooks to circumvent email verification needed to create a Google Workspace account, and leverage that to impersonate a domain holder to third-party services that allow logins through Google’s “Sign in with Google” feature.

Independent Krebs Security

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

July 15, 2024 0 Comments A Little Sunshine, Data Breaches, google domains, Latest Warnings, metamask, paradigm, squarespace, taylor monahan, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 15 Jul 2024 15:24:46 +0000

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

Independent Krebs Security

The Stark Truth Behind the Resurgence of Russia’s Fin7

July 10, 2024 0 Comments 7-zip, advanced ip scanner, aimp, anydesk, autodesk, bastion secure, bitwarden, blackberry, Combi Security, esentire, Fin7, malwarebytes, Microsoft, Ne'er-Do-Well News, node.js, notepad++, pgadmin, prodaft, protectedpdfviewer, putty, python, Ransomware, rest proxy, russia's war on ukraine, silent push, spearphishing, stark industries solutions, sublime text, typosquatting, Web Fraud 2.0, zach edwards

Credit to Author: BrianKrebs| Date: Wed, 10 Jul 2024 16:22:59 +0000

The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

Independent Krebs Security

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

June 15, 2024 0 Comments 0ktapus, caesars, Data Breaches, doordash, FBI, group-ib, king bob, lastpass, mailchimp, mgm, murcia today, Ne'er-Do-Well News, noah michael urban, okta, scattered spider, signal, SIM swapping, sosa, the com, tyler buchanan, vx-underground, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sat, 15 Jun 2024 23:40:20 +0000

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

Independent Krebs Security

Why Your VPN May Not Be As Secure As It Claims

May 6, 2024 0 Comments A Little Sunshine, bill woodcock, dani cronce, dhcp option 121, dhcp starvation attack, dynamic host control protocol, john kristoff, Latest Warnings, leviathan security, lizzie moratti, packet clearing house, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 06 May 2024 14:24:47 +0000

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

Independent Krebs Security

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

April 22, 2024 0 Comments A Little Sunshine, alexander kovalev, artem zaitsev, federal security service (fsb), ferum shop, get-net llc, grigory tsaregorodtsev, Ne'er-Do-Well News, sky-fraud, trump's-dumps, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 22 Apr 2024 20:07:56 +0000

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps.

Independent Krebs Security

Fake Lawsuit Threat Exposes Privnote Phishing Sites

April 15, 2024 0 Comments A Little Sunshine, alexandr ermakov, andrey sokol, Breadcrumbs, fory66399, hkleaks, Latest Warnings, metamask, privnote, privnote.com, russia's war on ukraine, taylor monahan, tornote.io, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 04 Apr 2024 14:12:16 +0000

A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers.