All posts by: BrianKrebs

22 July, 2019

What You Should Know About the Equifax Data Breach Settlement

Posted in: A Little Sunshine, Equifax Breach Settlement Q&A, Privacy, Security Tools, by BrianKrebs

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

19 July, 2019

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

Posted in: Data Breaches, iNSYNQ ransomware attack, Privacy, by BrianKrebs

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.

16 July, 2019

Meet the World’s Biggest ‘Bulletproof’ Hoster

Posted in: AbdAllah, Alexander Alexandrovich Volosovik, Alexander Volosovyk, Breadcrumbs, bulletproof hosting providers, chronopay, Delft University of Technology, Downlow, Dutch National High-Tech Crimes Unit, Intel 471, Jason Passwaters, King Saud University, MaxiDed, Mikhail Rytikov, Ne'er-Do-Well News, New York University, Privacy, sosweet, Web Fraud 2.0, Yalishanda, by BrianKrebs

For at least the past decade, a computer crook variously known as “Yalishanda,” “Downlow” and “Stas_vl” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today.

15 July, 2019

Is ‘REvil’ the New GandCrab Ransomware?

Posted in: Cisco Talos, GandCrab, Intel471, Kaspersky Lab, Ne'er-Do-Well News, Privacy, rEvil, Sodin, Sodinokibi, Tesorion, The Coming Storm, by BrianKrebs

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.”

11 July, 2019

FEC: Campaigns Can Use Discounted Cybersecurity Services

Posted in: A Little Sunshine, Adav Noti, Campaign Legal Center, Dan Petalas, Defending Digital Campaigns, Department of Homeland Security, Eric Geller, FBI Director Christopher Wray, Federal Election Commission, Garvey Schubert Barer, Microsoft Corp., Politico, Privacy, Sen. Ron Wyden, Senate Majority Leader Mitch McConnell, The New York Times, by BrianKrebs

The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for other non-political entities. The decision comes amid much jostling on Capitol Hill over election security at the state level, and fresh warnings from U.S. intelligence agencies about impending cyber attacks targeting candidates in the lead up to the 2020 election.

28 June, 2019

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Posted in: cloud solution provider, Microsoft Office 365, multi-factor authentication, PCM breach, Privacy, Security Tools, by BrianKrebs

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

25 June, 2019

Tracing the Supply Chain Attack on Android

Posted in: Android, blazefire, Breadcrumbs, Chu da, Chuda, Dr. Web, google, Haagen, Hagen, Hsu Heng, Ltd, Ne'er-Do-Well News, Privacy, Shanghai Blazefire Network Technology Co Ltd., Shanghai Bronze Network Technology Co., Shanghai Qianyou Network Technology Co., Shanghai Tongjue Network Technology Co., Shanghai Wildfire Network Technology Co., The Coming Storm, Triada malware, wildfire, yehuo, by BrianKrebs

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn’t exactly name those responsible, but said it believes the offending vendor uses the nicknames “Yehuo” or “Blazefire.” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware.

19 June, 2019

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Posted in: American Medical Collection Agency, CareCentrix, Conduent, Data Breaches, Jeremy Hill, LabCorp, Privacy, Quest Diagnostics, Retrieval Masters Creditors Bureau, Russell H. Fuchs, by BrianKrebs

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers.