Latest Warnings

March 6, 2016

Seagate Phish Exposes All Employee W-2’s

This post was originally published on this site Email scam artists last week tricked an employee at data storage giant Seagate Technology into giving away W-2 tax documents on all current and past employees, KrebsOnSecurity has learned. W-2 forms contain employee Social Security numbers, salaries and other personal data, and are highly prized by thieves involved in filing phony tax refund requests with the Internal Revenue Service (IRS) and the states. Seagate headquarters in Cupertino, Calif. Image: Wikipedia According to Seagate, the scam struck on March 1, about a week after KrebsOnSecurity warned readers to be on the lookout for email […]
March 14, 2016

From Stolen Wallet to ID Theft, Wrongful Arrest

This post was originally published on this site It’s remarkable how quickly a stolen purse or wallet can morph into full-blow identity theft, and possibly even result in the victim’s wrongful arrest. All of the above was visited recently on a fellow infosec professional whose admitted lapse in physical security lead to a mistaken early morning arrest in front of his kids. The guy police say stole Miller’s wallet and got him wrongfully arrested was himself apprehended earlier this month. On the morning of Feb. 20, Lance Miller was arrested in front of his two children by local sheriffs in Golden, […]
April 7, 2016

FBI: $2.3 Billion Lost to CEO Email Scams

This post was originally published on this site The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss and tricks someone at the organization into wiring funds to the fraudsters. The FBI estimates these scams have cost organizations more than $2.3 billion in losses over the past three years. In an alert posted to its site, the FBI said that since January 2015, the agency has seen a 270 percent increase in identified victims and exposed losses from CEO scams. […]
April 8, 2016

Adobe Patches Flash Player Zero-Day Threat

This post was originally published on this site Adobe Systems this week rushed out an emergency patch to plug a security hole in its widely-installed Flash Player software, warning that the vulnerability is already being exploited in active attacks. Adobe said a “critical” bug exists in all versions of Flash including Flash versions and lower (older) across a broad range of systems, including Windows, Mac, Linux and Chrome OS. Find out if you have Flash and if so what version by visiting this link. In a security advisory, the software maker said it is aware of reports that the vulnerability is being […]