Corporate Partners

Top IT Security Bloggers

Krebs on Security
  • Home Depot: 56M Cards Impacted, Malware Contained

    Krebs on Security
    Home Depot said today that cyber criminals armed with custom-built malware stole an estimated 56 million debit and credit card numbers from its customers between April and September 2014. That disclosure officially makes the incident the largest retail card breach on record.
  • In Home Depot Breach, Investigation Focuses on Self-Checkout Lanes

    Krebs on Security
    The malicious software that unknown thieves used to steal credit and debit card numbers in the data breach at Home Depot this year was installed mainly on payment systems in the self-checkout lanes at retail stores, according to sources close to the investigation. The finding means thieves probably stole far fewer cards during the almost five-month breach than they might have otherwise.
  • Medical Records For Sale in Underground Stolen From Texas Life Insurance Firm

    Krebs on Security
    How much are your medical records worth in the cybercrime underground? This week, KrebsOnSecurity discovered medical records being sold in bulk for as little as $6.40 apiece. The digital documents, several of which were obtained by sources working with this publication, were stolen from a Texas-based life insurance company that now says it is working with federal authorities on an investigation into an apparent data breach.
  • Critical Update for Adobe Reader & Acrobat

    Krebs on Security
    Adobe has released a security update for its Acrobat and PDF Reader products that fixes at least eight critical vulnerabilities in Mac and Windows versions of the software. If you use either of these programs, please take a minute to update now.
  • Breach at Goodwill Vendor Lasted 18 Months

    Krebs on Security
    C&K Systems Inc., a third-party payment vendor blamed for a credit and debit card breach at more than 330 Goodwill locations nationwide, disclosed this week that the intrusion lasted more than 18 months and has impacted at least two other organizations.
  • LinkedIn Feature Exposes Email Addresses

    Krebs on Security
    One of the risks of using social media networks is having information you intend to share with only a handful of friends be made available to everyone. Sometimes that over-sharing happens because friends betray your trust, but more worrisome are the cases in which a social media platform itself exposes your data in the name of marketing.
  • Critical Fixes for Adobe, Microsoft Software

    Krebs on Security
    Adobe today released updates to fix at least a dozen critical security problems in its Flash Player and AIR software. Separately, Microsoft pushed four update bundles to address at least 42 vulnerabilities in Windows, Internet Explorer, Lync and .NET Framework.
  • In Wake of Confirmed Breach at Home Depot, Banks See Spike in PIN Debit Card Fraud

    Krebs on Security
    Nearly a week after this blog first reported signs that Home Depot was battling a major security incident, the company has acknowledged that it suffered a credit and debit card breach dating back to April 2014 involving its U.S. and Canadian stores. Home Depot was quick to assure customers and banks that no debit card PIN data was compromised in the break-in. Nevertheless, multiple financial institutions contacted by this publication are reporting a steep increase over the past few days in fraudulent ATM withdrawals on customer accounts.
  • Home Depot Hit By Same Malware as Target

    Krebs on Security
    The apparent credit and debit card breach uncovered this week at Home Depot was aided in part by a new variant of the same malicious software that stole card account data from cash registers at Target last December, according to sources close to the investigation.
  • Dread Pirate Sunk By Leaky CAPTCHA

    Krebs on Security
    Ever since October 2013, when the FBI took down the online black market and drug bazaar known as the Silk Road, privacy activists and security experts have traded conspiracy theories about how the U.S. government managed to discover the geographic location of the Silk Road Web servers. Those systems were supposed to be obscured behind the anonymity service Tor, but as court documents released Friday explain, that wasn't entirely true: Turns out, the login page for the Silk Road employed an anti-abuse CAPTCHA service that pulled content from the open Internet, thus leaking the site's true location.

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Blog Posts

Media Release

More media release

Market Place