Two days ago, attackers allegedly associated with the fame-seeking group Lizard Squad briefly hijacked Google’s Vietnam domain (google.com.vn). On Wednesday, Lenovo.com was similarly attacked. Sources now tell KrebsOnSecurity that both hijacks were possible because the attackers seized control over Webnic.cc , the Malaysian registrar that serves both domains and 600,000 others
The Rise in State Tax Refund Fraud
Intuit: Anti-fraud Improvements by IRS Fuel Up To 3700 Percent Rise in Phony State Filings Scam artists stole billions of dollars last year from the U.S. Treasury by filing phony federal tax refund requests on millions of Americans.
The Great Bank Heist, or Death by 1,000 Cuts?
I received a number of media requests and emails from readers over the weekend to comment on a front-page New York Times story about an organized gang of cybercriminals pulling off “one of the largest bank heists ever.” Turns out, I reported on this gang’s activities in December 2014, although my story ran minus many of the superlatives in the Times piece. The Times’ story, “Bank Hackers Steal Millions Via Malware,” looks at the activities of an Eastern European cybercrime group that Russian security firm Kaspersky Lab calls the “Carbanak” gang. According to Kaspersky, this group deployed malware via phishing scams to get inside of computers at more than 100 banks and steal upwards of USD $300 million — possibly as high as USD $1 billion.
Fuel Station Skimmers: Primed at the Pump
I recall the first time I encountered an armed security guard at a local store.
Defense Contract Management Agency Probes Hack
The Defense Contract Management Agency , the U.S. federal government entity responsible for performing contract administration services for the Department of Defense , is responding to a suspected cybersecurity breach and has pulled a number of its servers offline while the investigation continues, KrebsOnSecurity has learned
Microsoft Pushes Patches for Dozens of Flaws
Microsoft today released nine update bundles to plug at least 55 distinct security vulnerabilities in its Windows operating system and other software.
Phishers Pounce on Anthem Breach
Phishers and phone fraudsters are capitalizing on public concern over a massive data breach announced this week at health insurance provider Anthem in a bid to steal financial and personal data from consumers.
Citing Tax Fraud Spike, TurboTax Suspends State E-Filings
TurboTax owner Intuit Inc.
China To Blame in Anthem Hack?
Bloomberg reports that U.S. federal investigators probing the theft of 80 million Social Security records and other sensitive data from insurance giant Anthem Inc. are pointing the finger at state-sponsored hackers from China.
Yet Another Flash Patch Fixes Zero-Day Flaw
For the third time in two weeks, Adobe has issued an emergency security update for its Flash Player software to fix a dangerous zero-day vulnerability that hackers already are exploiting to launch drive-by download attacks. The newest update, version 16.0.0.305 , addresses a critical security bug ( CVE-2015-0313 ) present in the version of Flash that Adobe released o n Jan.