Recent Comments

    Blogroll

    Search

    Archive for Identity Theft

    Network Solutions Hacked Again

    November 2nd, 2019 by

    Network Solutions: Important Security Information

    “What Happened?

    On October 16, 2019, Network Solutions determined that a third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident.

    Upon discovery of this unauthorized access, the company immediately began working with an independent cybersecurity firm to conduct a comprehensive investigation to determine the scope of the incident, including the specific data impacted. We have also reported the intrusion to federal authorities and are notifying affected customers.

    Safeguarding our customer’s information is core to our mission. We are committed to protecting our customers against misuse of their information and have invested heavily in cybersecurity. We will continue to do so as we incorporate the key learnings of this incident to further strengthen our cyber defenses.”

    Posted in Identity Theft, Security Breeches | No Comments »

    Malware Analysis Report (AR19-304A)

    November 1st, 2019 by

    MAR-10135536-8 – North Korean Trojan: HOPLIGHT

    “This artifact is a malicious 32-bit Windows executable. When executed the malware will collect system information about the victim machine including OS Version, Volume Information, and System Time, as well as enumerate the system drives and partitions.

    The malware is capable of the following functions:

    —Begin Malware Capability—

    Read, Write, and Move Files
    Enumerate System Drives
    Create and Terminate Processes
    Inject into Running Processes
    Create, Start and Stop Services
    Modify Registry Settings
    Connect to a Remote Host
    Upload and Download Files”

    Posted in Identity Theft, Malware | No Comments »

    Adobe Creative Cloud hacked

    October 28th, 2019 by

    7M Adobe Creative Cloud Users Exposed to Hackers

    “An open cloud database sets the stage for phishing attacks for users of the subscription service.”

    Posted in Identity Theft, Phishing, Security Breeches | No Comments »

    Instant Karma: Stolen credit card sale site hacked!!

    October 17th, 2019 by

    Data for a whopping 26 million stolen payment cards leaked in hack of fraud bazaar

    A thriving online bazaar selling stolen payment card data has been hacked in a heist that leaked the records for more than 26 million cards, KrebsOnSecurity reported on Tuesday.

    Posted in Identity Theft, Security Breeches | No Comments »

    Breach at Hy-Vee Supermarket Chain

    August 23rd, 2019 by

    Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

    “On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States.”

    Posted in Identity Theft, Newsletters, Security Breeches | No Comments »

    Data Leak at First American Financial Corp – 885 Million records exposed!

    August 13th, 2019 by

    SEC Investigating Data Leak at First American Financial Corp.

    “The U.S. Securities and Exchange Commission (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned.”

     

    Posted in Identity Theft, Newsletters | No Comments »

    Tech Support Scams in Google Search Ads

    June 8th, 2019 by

    Google Search Ads Infiltrated Again by Tech Support Scam

    Yet another reason why I never, ever, click on an “Ad” from a Google search…

    f you are planning on doing any shopping over the weekend, you may want to be careful when doing searches in Google. This is because scammers have infiltrated Google’s ad network to redirect users to tech support scams when they click on popular search terms such as Lowes and PayPal.

    A security research recently told BleepingComputer about a new malvertising campaign that is causing searches for the keyword “Lowes” to redirect a user to a tech support scam.

    Posted in Identity Theft, Malware | No Comments »

    If you use WhasApp, be sure to read this!

    May 15th, 2019 by

    WhatsApp vulnerability exploited to infect phones with Israeli spyware

    “Attackers have been exploiting a vulnerability in WhatsApp that allowed them to infect phones with advanced spyware made by Israeli developer NSO Group, the Financial Times reported on Monday, citing the company and a spyware technology dealer.”

    “WhatsApp said the fix on Friday was made to the company’s servers and was aimed at preventing attacks from working. The company released a patch for end users on Monday. “

    Posted in Identity Theft, Malware | No Comments »

    Keylogger from AWS? You bet!

    May 6th, 2019 by

    Hawkeye keylogger using fileless delivery system via Amazon AWS

    Don’t try to respond by phone or email, all you will do is end up with an innocent person or company who have had their details spoofed and picked at random from a long list that the bad guys have previously found. The bad guys choose companies, Government departments and organisations  with subjects that are designed to entice you or alarm you into blindly opening the attachment or clicking the link in the email to see what is happening.  “

    Posted in Identity Theft, Malware, Scams | No Comments »

    Beware of free Windows “Cleaners”

    April 28th, 2019 by

    Fake Windows PC Cleaner Drops AZORult Info-Stealing Trojan

    Yet another reason to avoid so-called “Cleaners” for Windows. First off, I don’t trust things that will “automatically” make changes to my PC without my knowing exactly what they are doing. Yet these programs keep showing up, even advertised on-line as well as on TV. 

    Researchers have discovered a web site pushing a PC cleaner tool for Windows that in reality is just a front for the Azorult password and information stealing Trojan.

    AZORult is a trojan that when installed attempts to steal a user’s browser passwords, FTP client passwords, cryptocurrency wallets, desktop files, and much more.

    Instead of renting distribution methods such as spam, exploit kits, or being dropped by other trojans, the attackers decided to create a fake Windows utility and an accompanying web site to distribute the trojan instead.

    Posted in Identity Theft, Malware, Scams | No Comments »

    « Previous Entries