Ransomware Hits B2B Payments Firm Billtrust

7 hours 7 minutes ago
Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups.
BrianKrebs

Avast, NordVPN Breaches Tied to Phantom User Accounts

1 day 1 hour ago
Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that -- while otherwise unrelated -- shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.
BrianKrebs

When Card Shops Play Dirty, Consumers Win

5 days 22 hours ago
Cybercrime forums have been abuzz this week over news that BriansClub -- one of the underground's largest shops for stolen credit and debit cards -- had been hacked, and its inventory of 26 million cards leaked to security contacts in the banking industry. Now it appears this brazen heist may have been the result of one of BriansClub's longtime competitors trying to knock out a rival.
BrianKrebs

“BriansClub” Hack Rescues 26M Stolen Cards

1 week ago
"BriansClub," a popular underground store for buying stolen credit card data that uses Yours Truly's likeness in its advertising, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.
BrianKrebs

Patch Tuesday Lowdown, October 2019 Edition

1 week 6 days ago
On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it's a relatively light patch batch this month. Here's a look at the highlights.
BrianKrebs

German Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting

3 weeks 3 days ago
German authorities said Friday they'd arrested seven people and were investigating six more in connection with the raid of a Dark Web hosting operation that allegedly supported multiple child porn, cybercrime and drug markets with hundreds of servers buried inside a heavily fortified military bunker. Incredibly, for at least two of the men accused in the scheme, this was their second bunker-based hosting business that was raided by cops and shut down for courting and supporting illegal activity online.
BrianKrebs

MyPayrollHR CEO Arrested, Admits to $70M Fraud

3 weeks 4 days ago
Earlier this month, employees at more than 1,000 companies saw one or two paychecks' worth of funds deducted from their bank accounts after the CEO of their cloud payroll provider absconded with $35 million in payroll deposits from customers. On Monday, the CEO was arrested and allegedly confessed that the diversion was the last desperate gasp of a financial shell game that earned him $70 million over several years.
BrianKrebs

Interview With the Guy Who Tried to Frame Me for Heroin Possession

3 weeks 6 days ago
In April 2013, I received via U.S. mail more than a gram of pure heroin as part of a scheme to get me arrested for drug possession. But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. That individual recently gave his first interview since finishing his jail time here in the states, and he's shared some select (if often abrasive and coarse) details on how he got into cybercrime and why. Below are a few translated excerpts.
BrianKrebs

Before He Spammed You, this Sly Prince Stalked Your Mailbox

1 month ago
A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: it was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these "advance fee" or "419" scams -- so-called because they violate section 419 of the criminal code of Nigeria where many such lures originate -- predate email and have circulated via postal mail in various forms and countries over the years.
BrianKrebs

NY Payroll Company Vanishes With $35 Million

1 month 1 week ago
MyPayrollHR, a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company's CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.
BrianKrebs

Patch Tuesday, September 2019 Edition

1 month 1 week ago
Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software. The software giant assigned a "critical" rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interaction on the part of the user.
BrianKrebs

Secret Service Investigates Breach at U.S. Govt IT Contractor

1 month 1 week ago
The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks. In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military. The seller bragged that he had access to email correspondence and credentials needed to view databases of the client agencies, and set the opening price at six bitcoins (~USD $60,000).
BrianKrebs

‘Satori’ IoT Botnet Operator Pleads Guilty

1 month 2 weeks ago
A 21-year-old man from Vancouver, Wash. has pleaded guilty to federal hacking charges tied to his role in operating the "Satori" botnet, a crime machine powered by hacked Internet of Things (IoT) devices that was built to conduct massive denial-of-service attacks targeting Internet service providers, online gaming platforms and Web hosting companies.
BrianKrebs

Spam In your Calendar? Here’s What to Do.

1 month 2 weeks ago
Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working. But periodically they circle back to old tricks, and few spam trends are as perennial as calendar spam, in which invitations to click on dodgy links show up unbidden in your digital calendar application from Apple, Google and Microsoft. Here's a brief primer on what you can do about it.
BrianKrebs

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

1 month 2 weeks ago
Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOnSecurity has learned that the charges are likely just the opening salvo in a much larger, ongoing federal investigation into the company's commercial email practices.
BrianKrebs

Phishers are Angling for Your Cloud Providers

1 month 3 weeks ago
Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client's brand and their customers. Here's a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals.
BrianKrebs

Ransomware Bites Dental Data Backup Firm

1 month 3 weeks ago
PerCSoft, a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack.
BrianKrebs

Cybersecurity Firm Imperva Discloses Breach

1 month 3 weeks ago
Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based Imperva sells firewall technology designed to detect and block various types of malicious Web traffic, from denial-of-service attacks to digital probes aimed at undermining the security of Web-based software applications.
BrianKrebs
In-depth security news and investigation