More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number of cybercriminals to conduct credential theft. “For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages,” Palo Alto Networks…
Read More
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to “use Docker Swarm’s orchestration features for command-and-control (C2) purposes,” Datadog researchers Matt Muir and Andy Giron said in an…
Read More
Oct 01, 2024Ravie LakshmananCorporate Security / Financial Fraud The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges…
Read More
The PlayStation Network is suffering a global outage, with subscribers confirming that they can no longer play online games or access the company’s website. When attempting to access PSN, users may be greeted with errors stating, “The connection to the server timed out” or “An error has occurred.” The PlayStation Network status page has confirmed…
Read MoreThe PlayStation Network is suffering a global outage, with subscribers confirming that they can no longer play online games or access the company’s website. When attempting to access PSN, users may be greeted with errors stating, “The connection to the server timed out” or “An error has occurred.” The PlayStation Network status page has confirmed…
Read More
Microsoft has introduced an updated version of the “Publish API for Edge extension developers” that increases the security for developer accounts and the updating of browser extensions. When first publishing a new Microsoft Edge browser extension, developers are required to submit it through the Partner Center. Once approved, subsequent updates can be done through the Partner…
Read More
The U.S. Securities and Exchange Commission (SEC) charged Robert B. Westbrook, a U.K. citizen, with hacking into the computer systems of five U.S. public companies to access confidential earnings information and conduct insider trading. Westbrook then used this nonpublic information to make trades ahead of 14 earnings announcements between January 2019 and August 2020, earning…
Read More
A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man’s alleged targets…
Read More
Microsoft Defender now automatically detects and notifies users with a Microsoft 365 Personal or Family subscription when they’re connected to unsecured Wi-Fi networks. The Defender privacy protection feature (also known as Defender VPN) protects your privacy and security when connected to public Wi-Fi or an untrusted network, where your data and identity could be exposed…
Read More
The settlement comes after an FCC investigation into a major 2021 breach as well as three other incidents at T-Mobile in 2022 and 2023. T-Mobile will pay $31.5 million in connection with a settlement with the Federal Communications Commission (FCC) over a series of four breaches from 2021 to 2023, the agency announced Monday. The…
Read More