Brian Krebs reports: For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered…
Category: Of Note
Italian company exposed as a front for malware operations
Catalin Cimpanu reports: For the past four years, an Italian company has operated a seemingly legitimate website and business, offering to provide binary protection against reverse engineering for Windows applications, but has secretly advertised and provided its service to malware gangs. The company’s secret business came to light after security researchers from Check Point began…
Hackers breached A1 Telekom, Austria’s largest ISP
Catalin Cimpanu reports: A1 Telekom, the largest internet service provider in Austria, has admitted to a security breach this week, following a whistleblower’s exposé. The company admitted to suffering a malware infection in November 2019. A1 said its security team detected the malware a month later, but that removing the infection was more problematic than…
Thanos ransomware auto-spreads to Windows devices, evades security
Lawrence Abrams reports that what is now known as Thanos ransomware has features that make it cause for serious concern. In a new report by Recorded Future, we learn that this ransomware is named Thanos and is being promoted as a Ransomware-as-a-Service on Russian-speaking hacker forums since February. Being promoted by a threat actor named Nosophorus, Thanos…
FTC Reaches Settlement with Kohl’s over Allegations it Failed to Provide Victims with Information Related to Identity Theft
From the FTC, this press release: Kohl’s Department Stores, Inc. has agreed to pay a civil penalty of $220,000 to settle Federal Trade Commission allegations that the Wisconsin-based retailer violated the Fair Credit Reporting Act (FCRA) by refusing to provide complete records of transactions to consumers whose personal information was used by identity thieves. In…
Hackers for hire ‘targeted hundreds of institutions’
Paul Murphy in London and Kadhim Shubber in Washington report: A hackers-for-hire group dubbed “Dark Basin” has targeted thousands of individuals and hundreds of institutions around the world, including advocacy groups, journalists, elected officials, lawyers, hedge funds and companies, according to the internet watchdog Citizen Lab. Researchers discovered almost 28,000 web pages created by hackers…