Category Archives: Cybersecurity

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to findContinue reading “French Firms Rocked by Kasbah Hacker?”

The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation’s four largest wireless carriers for selling access to their customers’ location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics sayContinue reading “FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data”

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products. This week’s story on the Zyxel patchContinue reading “Zyxel 0day Affects its Firewall Products, Too”

Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability wereContinue reading “Zyxel Fixes 0day in Network Storage Devices”

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employeeContinue reading “Hackers Were Inside Citrix for Five Months”

Crooks are constantly dreaming up new ways to use and conceal stolen credit card data. According to the U.S. Secret Service, the latest scheme involves stolen card information embedded in barcodes affixed to phony money network rewards cards. The scammers then pay for merchandise by instructing a cashier to scan the barcode and enter theContinue reading “Encoding Stolen Credit Card Data on Barcodes”

A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google’s AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher’s ads with so much bot and junk traffic that Google’s automated anti-fraud systems suspend the user’s AdSenseContinue reading “Pay Up, Or We’ll Make Google Ban Your Ads”

In May 2013, the U.S. Justice Department seized Liberty Reserve, alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world. Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claimContinue reading “A Light at the End of Liberty Reserve’s Demise?”

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat. A dozen ofContinue reading “Microsoft Patch Tuesday, February 2020 Edition”

The following is most recent news from Namecheap: “What’s happening Last month, ICANN, the organization that oversees domain names, announced significant changes to the contract it has with Verisign, Inc. who operate the .COM top-level-domain (TLD). ICANN made these changes in secret, without consulting or incorporating feedback from the ICANN community or Internet users. AlthoughContinue reading “Significant cost increases likely for .COM domains”