New evidence shows the Aisuru botnet, which outpaces all other IoT-based botnets, is drawing most of its firepower from hacked IoT devices hosted on US ISPs
The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) … Mastodon: @briankrebs@infosec.exchange and @vxdb@infosec.exchange ...
Open letter: the EFF and top security experts urge the Trump administration to end its “political retribution” investigation into ex-CISA Director Chris Krebs
“An independent infosec community is fundamental to protecting our democracy, and to the profession itself.” — www.cybersecuritydive.com/news/chris- k... Zack Whittaker / @zackwhittaker.com : Electr...
A scammer details how voice phishing groups are abusing Apple's support line to generate “account confirmation” message prompts from Apple to their customers
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution … Bluesky: @crowslabyrinth.com , @lilithsaintcrow.com , @metacurity.com , @kryton3298 , @its...
A look at the activity of some members of The Com, an online community linked to the Scattered Spider hacking group, and their involvement in extortion groups
which corresponds to the screen name “@Holy” — and found the same account was used across a number of cybercrime channels that are entirely focused on extorting young people into harming themselves or...
The US announces charges, sanctions, and a $10M reward for info leading to the arrest of Russian national Mikhail Matveev, a Babuk ransomware campaign suspect
SPECIALLY DESIGNATED NATIONALS LIST UPDATE Sarai Rodriguez / HealthITSecurity : US Formally Charges Russian Hacker Behind Global Ransomware Attacks CircleID : U.S. Targets Russian Mastermind Behind Do...
Brian Krebs apologizes to IoT manufacturer Ubiquiti after posting now-removed articles on a “breach” based on a “sole source” currently under federal indictment
Last year, I posted a series of articles about a purported “breach” at Ubiquiti. Tweets: @quinnypig , @alyssam_infosec , @berendjanwever , @davezatz , @blowdart , @jrozner , and @g_solaria See also Me...
Hackers are increasingly using hacked law enforcement emails to send Emergency Data Requests to ISPs, telecoms, social networks, and others, who quickly comply
There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data … Tweets: @briankrebs , @rayredacted , @michaelguimarin , @elizabeth_joh , @v...
Research: ModifiedElephant APT has targeted activists, journalists, lawyers, and others in India to spy on or plant digital evidence since at least 2012
files that incriminate the target in specific crimes—prior to conveniently coordinated arrests.” 2/n https://www.sentinelone.com/ ... Nilanjana Roy / @nilanjanaroy : That stage of authoritarianism: “I...
The person claiming responsibility for the FBI email server hack says they were able to send spam messages by abusing insecure code in the FBI's LEEP portal
even with how silly it was written AND not following protocol — was NOT the weird juju I wanted going into this weekend. https://krebsonsecurity.com/ ... https://twitter.com/... @embryoresist : 1) Bre...
Interviews with 15 people show CISA is underfunded, short on talent, outmatched by adversaries, and overwhelmed by the fallout from two massive cyberattacks
The agency that protects the U.S. from hackers is hobbled by funding woes, a talent shortage and growing pains that are jeopardizing … Tweets: @ericgeller , @gossithedog , @kevincollier , @howelloneil...