Author Archives: BrianKrebs

Patch Tuesday, November 2019 Edition

November 12, 2019

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

November 11, 2019

28 Comments

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

November 7, 2019

53 Comments

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

November 3, 2019

43 Comments

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse.

Breaches at NetworkSolutions, Register.com, and Web.com

October 30, 2019

50 Comments

Top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed.

Takeaways from the $566M BriansClub breach

October 29, 2019

27 Comments

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrime store highlighted some persistent and hard truths. Most notably, that the world’s largest financial institutions tend to have a much better idea of which merchants and which bank cards have been breached than do the thousands of smaller banks and credit unions across the United States. Also, a great deal of cybercrime seems to be perpetrated by a relatively small number of people.

Cachet Financial Reeling from MyPayrollHR Fraud

October 24, 2019

69 Comments

When NY based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payments processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway, graciously eating a $26 million loss which it is now suing to recover.

Ransomware Hits B2B Payments Firm Billtrust

October 22, 2019

39 Comments

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups.

Avast, NordVPN Breaches Tied to Phantom User Accounts

October 21, 2019

62 Comments

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

When Card Shops Play Dirty, Consumers Win

October 16, 2019

30 Comments

Cybercrime forums have been abuzz this week over news that BriansClub — one of the underground’s largest shops for stolen credit and debit cards — had been hacked, and its inventory of 26 million cards leaked to security contacts in the banking industry. Now it appears this brazen heist may have been the result of one of BriansClub’s longtime competitors trying to knock out a rival.