Corporate Partners

Top IT Security Bloggers

Krebs on Security
  • Banks: Credit Card Breach at Staples Stores

    Krebs on Security
    Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a breach involving in-store customer transactions. Staples says it is investigating "a potential issue" and has contacted law enforcement.
  • Spike in Malware Attacks on Aging ATMs

    Krebs on Security
    This author has long been fascinated with ATM skimmers, custom-made fraud devices designed to steal card data and PINs from unsuspecting users of compromised cash machines. But a recent spike in malicious software capable of infecting and jackpotting ATMs is shifting the focus away from innovative, high-tech skimming devices toward the rapidly aging ATM infrastructure in the United States and abroad.
  • Seleznev Arrest Explains ‘2Pac’ Downtime

    Krebs on Security
    The U.S. Justice Department has piled on more charges against alleged cybercrime kingpin Roman Seleznev, a Russian national who made headlines in July when it emerged that he'd been whisked away to Guam by U.S. federal agents while vacationing in the Maldives. The additional charges against Seleznev may help explain the extended downtime at an extremely popular credit card fraud shop in the cybercrime underground.
  • Microsoft, Adobe Push Critical Security Fixes

    Krebs on Security
    Adobe, Microsoft and Oracle each released updates today to plug critical security holes in their products. Adobe released patches for its Flash Player and Adobe AIR software. A patch from Oracle fixes at least 25 flaws in Java. And Microsoft pushed patches to fix at least two-dozen vulnerabilities in a number of Windows components, including Office, Internet Explorer and .NET. One of the updates addresses a zero-day flaw that reportedly is already being exploited in active cyber espionage attacks.
  • Who’s Watching Your WebEx?

    Krebs on Security
    KrebsOnSecurity spent a good part of the past week working with Cisco to alert more than four dozen companies -- many of them household names -- about regular corporate WebEx conference meetings that lack passwords and are thus open to anyone who wants to listen in.
  • Malware Based Credit Card Breach at Kmart

    Krebs on Security
    Sears Holding Co. late Friday said it recently discovered that point-of-sale registers at its Kmart stores were compromised by malicious software that stole customer credit and debit card information. The company says it has removed the malware from store registers and contained the breach, but that the investigation is ongoing. “Yesterday our IT teams detected […]
  • Dairy Queen Confirms Breach at 395 Stores

    Krebs on Security
    Nationwide fast-food chain Dairy Queen on Thursday confirmed that malware installed on cash registers at some 395 stores resulted in the theft of customer credit and debit card information. The acknowledgement comes nearly six weeks after this publication first broke the news that multiple banks were reporting indications of a card breach at Dairy Queen locations across the country.
  • Signed Malware = Expensive “Oops” for HP

    Krebs on Security
    Computer and software industry maker HP is in the process of notifying customers about a seemingly harmless security incident in 2010 that nevertheless could prove expensive for the company to fix and present unique support problems for users of its older products.
  • Spam Nation Book Offer + Tour Details

    Krebs on Security
    As many of you know, my first book -- Spam Nation -- hits bookstore shelves on Nov. 18. I want to thank those of you who have already pre-ordered the book, and offer a small enticement for those who have yet to secure a copy.
  • Huge Data Leak at Largest U.S. Bond Insurer

    Krebs on Security
    On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association -- the nation's largest bond insurer -- that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to access data that wasn't already accessible via a simple Web search.

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Blog Posts

Media Release

More media release

Market Place