Corporate Partners

Top IT Security Bloggers

Krebs on Security
  • Carefirst Blue Cross Breach Hits 1.1M

    Krebs on Security
    CareFirst BlueCross BlueShield on Wednesday said it had been hit with a data breach that compromised the personal information on approximately 1.1 million customers. There are indications that the same attack methods may have been used in this intrusion as with breaches at Anthem and Premera, incidents that collectively involved data on more than 90 million Americans.
  • mSpy Denies Breach, Even as Customers Confirm It

    Krebs on Security
    Last week, KrebsOnSecurity broke the news that sensitive data apparently stolen from hundreds of thousands of customers mobile spyware maker mSpy had been posted online. mSpy has since been quoted twice by other publications denying a breach of its systems. Meanwhile, this blog has since contacted multiple people whose data was published to the deep Web, all of whom confirmed they were active or former mSpy customers.
  • Security Firm Redefines APT: African Phishing Threat

    Krebs on Security
    A security firm made headlines last week when it boasted it had thwarted plans by organized Russian cyber criminals to launch an attack against multiple US-based banks. But a closer look at the details behind that report suggests that the actors in question were relatively unsophisticated Nigerian phishers who'd simply registered a bunch of new fake bank Web sites.
  • St. Louis Federal Reserve Suffers DNS Breach

    Krebs on Security
    The St. Louis Federal Reserve today sent a message to the banks it serves alerting them that in late April 2015 attackers succeeded in hijacking the domain name servers for the institution. The attack redirected Web searches and queries for those seeking a variety of domains run by the government entity to a Web page set up by the attackers in an apparent bid by cybercrooks to hijack online communications of banks and other entities dealing with the regional Fed office.
  • Starbucks Hacked? No, But You Might Be

    Krebs on Security
    When it comes to reporting on breaches involving customer accounts at major brands, the news media overall deserves an F-minus. Hardly a week goes by when I don't hear from readers about a breathless story proclaiming that yet another household brand name company has been hacked. Upon closer inspection, the stories usually are based on little more than anecdotal evidence from customers who had their online loyalty or points accounts hijacked and then drained of value.
  • Mobile Spy Software Maker mSpy Hacked, Customer Data Leaked

    Krebs on Security
    mSpy, the makers of a dubious software-as-a-service product that claims to help more than two million people spy on the mobile devices of their kids and partners, appears to have been massively hacked. Last week, a huge trove of data apparently stolen from the company's servers was posted on the Dark Web, exposing countless emails, text messages, payment and location data on an undetermined number of mSpy "users."
  • Adobe, Microsoft Push Critical Security Fixes

    Krebs on Security
    Microsoft today issued 13 patch bundles to fix roughly four dozen security vulnerabilities in Windows and associated software. Separately, Adobe pushed updates to fix a slew of critical flaws in its Flash Player and Adobe Air software, as well as patches to fix holes in Adobe Reader and Acrobat. Three of the Microsoft patches earned the […]
  • Who’s Scanning Your Network? (A: Everyone)

    Krebs on Security
    Not long ago I heard from a reader who wanted advice on how to stop someone from scanning his home network, or at least recommendations about to whom he should report the person doing the scanning. I couldn't believe that people actually still cared about scanning, and I told him as much: These days there are countless entities -- some benign and research-oriented, and some less benign -- that are continuously mapping and cataloging virtually every devices that's put online.
  • Deconstructing the 2014 Sally Beauty Breach

    Krebs on Security
    This week, nationwide beauty products chain Sally Beauty disclosed that, for the second time in a year, it was investigating reports that hackers had broken into its networks and stolen customer credit card data. That investigation is ongoing, but I recently had an opportunity to interview a former Sally Beauty IT technician who provided a first-hand look at how the first breach in 2014 breach went down.
  • PayIvy Sells Your Online Accounts Via PayPal

    Krebs on Security
    Normally, if one wishes to buy stolen account credentials for paid online services like Netflix, Hulu, XBox Live or Spotify, the buyer needs to visit a cybercrime forum or drop into a dark Web marketplace that only accepts Bitcoin as payment. Increasingly, however, these accounts are showing up for sale at Payivy[dot]com, an open Web marketplace that happily accepts PayPal in exchange for a variety of stolen accounts.

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Blog Posts

Media Release

More media release

Market Place