Top IT Security Bloggers

Krebs on Security
  • Breach at IT Automation Firm LANDESK

    Krebs on Security
    LANDESK, a company that sells software to help organizations securely and remotely manage their fleets of desktop computers, servers and mobile devices, alerted employees last week that a data breach may have exposed their personal information. But LANDESK employees contacted by this author say the breach may go far deeper for the company and its customers.
  • Hilton Acknowledges Credit Card Breach

    Krebs on Security
    Two months after KrebsOnSecurity first reported that multiple banks suspected a credit card breach at Hilton Hotel properties across the country, Hilton has acknowledged an intrusion involving malicious software found on some point-of-sale systems.
  • Security Bug in Dell PCs Shipped Since 8/15

    Krebs on Security
    All new Dell laptops and desktops shipped since August 2015 contain a serious security vulnerability that exposes users to online eavesdropping and malware attacks. Dell says it is prepping a fix for the issue, but experts say the threat may ultimately need to be stomped out by the major Web browser makers.
  • How to Enable Multifactor Security on Amazon

    Krebs on Security
    Amazon has added multi-factor authentication to help customers better secure their accounts from hackers. The security feature allows customers to receive a code via text message and/or a third-party app -- such as Google Authenticator.
  • ISIS Jihadi Helpdesk Customer Log, Nov. 20

    Krebs on Security
    From NBC News come revelations that ISIS has its very own web-savvy, 24-hour Jihadi Help Desk manned by a half-dozen senior operatives to assist foot soldiers in spreading their message far and wide. My first reaction to this story was disbelief, then envy (hey, where the heck is my 24/7 support?). But soon my mind began racing with other possibilities.

    Imagine the epic trolling opportunities available to a bored or disgruntled Jihadi Help Desk operator. For this persona, we need to reach way back into the annals of Internet history, to the Bastard Operator from Hell (BOFH) -- a megalomaniacal system administrator who constantly toyed with the very co-workers he was paid to support....

    [RECORDED MESSAGE]: Thank you for contacting the ISIS Jihadi Help Desk. We are currently experiencing higher than normal call volume. Please wait and your inquiry will be answered in the order that it was received. This call may be monitored for customer service and Jihadi training purposes.
  • Starwood Hotels Warns of Credit Card Breach

    Krebs on Security
    Starwood Hotels & Resorts Worldwide today warned that malware designed to help cyber thieves steal credit and debit card data was found on point-of-sale cash registers at some of the company's hotels in North America. The disclosure makes Starwood just the latest in a recent string of hotel chains to announce credit card breach investigations.
  • Federal Legislation Targets “Swatting” Hoaxes

    Krebs on Security
    A bill introduced in the U.S. House of Representatives on Wednesday targets "swatting," an increasingly common and costly hoax in which perpetrators spoof a communication to authorities about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force.
  • Report: Everyone Should Get a Security Freeze

    Krebs on Security
    This author has frequently urged readers to place a freeze on their credit files as a means of proactively preventing identity theft. Now, a major consumer advocacy group is recommending the same: The U.S. Public Interest Research Group (US-PIRG) recently issued a call for all consumers to request credit file freezes before becoming victims of ID theft.
  • Paris Terror Attacks Stoke Encryption Debate

    Krebs on Security
    U.S. state and federal law enforcement officials appear poised to tap into public concern over the terror attacks in France last week to garner support for proposals that would fundamentally weaken the security of encryption technology used by U.S. corporations and citizens. Here's a closer look at what's going on, and why readers should be tuned in and asking questions.
  • Chipotle Serves Up Chips, Guac & HR Email

    Krebs on Security
    The restaurant chain Chipotle Mexican Grill seems pretty good at churning out huge numbers of huge burritos, but the company may need to revisit some basic corporate cybersecurity concepts. For starters, Chipotle's human resources department has been replying to new job applicants using the domain "" -- a Web site name that the company has never owned or controlled.

    Translation: Until last week, anyone could have read email destined for the company's HR department just by registering the domain "". Also, Chipotle itself has inadvertently being pointing this out for months in emails to anyone who applied for a job via the company's Web site.

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place