Blog

Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Hack Corporate Email Accounts

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations’ cloud environments and steal email. “The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into…

How to get a Cyber Security job

Introduction Cyber Security is a booming field, but it can be difficult to break into. Cyber Security salaries are great right now. If you’re looking for a Cyber Security job, here are some tips: Look for jobs with “entry-level” in the title. As you search for jobs, look for the term “entry level” in the…

288-Privacy, Security, & OSINT Updates

In this episode, I discuss the latest Privacy & Security news, and present several new OSINT Techniques. Direct support for this podcast comes from our privacy services, online training, and new book for 2023  Open Source Intelligence Techniques (10th Edition). More details can be found at IntelTechniques.com. Thank you for keeping this show ad-free. Listen…

Experian Glitch Exposing Credit Files Lasted 47 Days

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about…

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking…

New T-Mobile Breach Affects 37 Million Accounts

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts. Image: customink.com In a filing…

Loading…

Something went wrong. Please refresh the page and/or try again.


Follow My Blog

Get new content delivered directly to your inbox.