Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018
In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the…
FBI Raids Chinese Point-of-Sale Giant PAX Technology
U.S. federal investigators today raided the U.S. offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions…
Conti Ransom Gang Starts Selling Access to Victims
The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti's malware who refuse…
Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability
On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in…
How Coinbase Phishers Steal One-Time Passwords
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete…
Patch Tuesday, October 2021 Edition
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including…
What Happened to Facebook, Instagram, & WhatsApp?
Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don't yet know why this…
FCC Proposal Targets SIM Swapping, Port-Out Fraud
The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping…
The Rise of One-Time Password Interception Bots
In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites…
Apple AirTag Bug Enables ‘Good Samaritan’ Attack
The new $30 Airtag tracking device from Apple has a feature that allows anyone who finds one of these tiny…