Top IT Security Bloggers

Krebs on Security
  • Stealthy, Razor Thin ATM Insert Skimmers

    Krebs on Security
    An increasing number of ATM skimmers targeting banks and consumers appear to be of the razor-thin insert variety. These card-skimming devices are made to fit snugly and invisibly inside the throat of the card acceptance slot. Here's a look at a stealthy new model of insert skimmer pulled from a cash machine in southern Europe just this past week.
  • Counterfeit U.S. Cash Floods Crime Forums

    Krebs on Security
    One can find almost anything for sale online, particularly in some of the darker corners of the Web and on the myriad cybercrime forums. These sites sell everything from credit cards to identities and stolen merchandise, but until very recently, one illicit good I had never seen for sale on the forums was counterfeit U.S. currency.
  • Lorem Ipsum: Of Good & Evil, Google & China

    Krebs on Security
    Imagine discovering a secret language spoken only online by a knowledgeable and learned few. Over a period of weeks, as you begin to tease out the meaning of this curious tongue and ponder its purpose, the language appears to shift in subtle but fantastic ways, remaking itself daily before your eyes. And just when you are poised to share your findings with the rest of the world, the entire thing vanishes.

    This fairly describes my roller coaster experience of curiosity, wonder and disappointment over the past few weeks, as I've worked alongside security researchers in an effort to understand how "lorem ipsum" -- common placeholder text on countless Web sites -- could be transformed into so many apparently geopolitical and startlingly modern phrases when translated from Latin to English using Google Translate.
  • Why So Many Card Breaches? A Q&A

    Krebs on Security
    The news wires today are buzzing with stories about another potentially major credit/debit card breach at yet another retail chain: This time, the apparent victim is AB Acquisition, which operates Albertsons stores under a number of brands, including ACME Markets, Jewel-Osco, Shaw’s and Star Markets. Today’s post includes no special insight into this particular retail […]
  • How Secure is Your Security Badge?

    Krebs on Security
    Security conferences are a great place to learn about the latest hacking tricks, tools and exploits, but they also remind us of important stuff that was shown to be hackable in previous years and never really got fixed. Perhaps the best example of this at last week's annual DefCon security conference in Las Vegas came from hackers who built on research first released in 2010 to show just how trivial it still is to read, modify and clone most HID cards -- the rectangular white plastic "smart" cards that organizations worldwide distribute to employees for security badges.
  • Tenn. Firm Sues Bank Over $327K Cyberheist

    Krebs on Security
    An industrial maintenance and construction firm in Tennessee that was hit by a $327,000 cyberheist is suing its financial institution to recover the stolen funds, charging the bank with negligence and breach of contract. Court-watchers say the lawsuit -- if it proceeds to trial -- could make it easier and cheaper for cyberheist victims to recover losses.
  • Adobe, Microsoft Push Critical Security Fixes

    Krebs on Security
    Adobe and Microsoft today each independently released security updates to fix critical problems with their products. Adobe issued patches for Adobe Reader/Acrobat, Flash Player and AIR, while Microsoft pushed nine security updates to address at least 37 security holes in Windows and related software.
  • Personalize Your Copy of Spam Nation

    Krebs on Security
    Good news for fans of this blog who have not yet pre-ordered a copy of my upcoming book, Spam Nation. Politics & Prose, a literary landmark in the District of Columbia, will be helping me launch a six-city book tour, and is offering a personalized message from this author for anyone who pre-orders a copy of Spam Nation through the D.C. store's Web site.
  • New Site Recovers Files Locked by Cryptolocker Ransomware

    Krebs on Security
    Until today, Microsoft Windows users who've been unfortunate enough to have the personal files on their computer encrypted and held for ransom by a nasty strain of malware called CryptoLocker have been faced with a tough choice: Pay cybercrooks a ransom of a few hundred to several thousand dollars to unlock the files, or kiss those files goodbye forever. That changed this morning, when two security firms teamed up to launch a free new online service that can help victims unlock and recover files scrambled by the malware.
  • Q&A on the Reported Theft of 1.2B Email Accounts

    Krebs on Security
    My phone and email have been flooded with requests from various media outlets over the past 12 hours since security consultancy Hold Security dropped the news that a Russian gang has stolen more than a billion email account credentials. Rather than respond to each of them in turn, allow me to add a bit of perspective here in the most direct way possible: The Q&A.
CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Enterprise Security Suite

Comprehensive protection from your internet gateway to your mail and file servers, desktops, laptops, and mobile devices, fully integrated and centrally managed.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.