Top IT Security Bloggers

Krebs on Security
  • Fund Targets Victims Scammed Via Western Union

    Krebs on Security
    If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission.
  • R.I.P. root9B? We Hardly Knew Ya!

    Krebs on Security
    root9B, a company that many in the security industry considered little more than a big-name startup aimed at cashing in on the stock market's insatiable appetite for cybersecurity firms, surprised no one this week when it announced it was ceasing operations at the end of the year.

    Founded in 2011, Colorado Springs, Colo. based root9B Technologies touted itself as an IT security training firm staffed by an impressive list of ex-military leaders with many years of cybersecurity experience at the Department of Defense and National Security Agency (NSA). As it began to attract more attention from investors, root9B's focus shifted to helping organizations hunt for cyber intruders within their networks.
  • Adobe, Microsoft Patch Critical Cracks

    Krebs on Security
    It's Nov. 14 -- the second Tuesday of the month (a.k.a. "Patch Tuesday) -- and Adobe and Microsoft have issued gobs of security updates for their software. Microsoft's 11 patch bundles fix more than four-dozen security holes in various Windows versions and Office products -- including at least four serious flaws that were publicly disclosed prior to today. Meanwhile, Adobe's got security updates available for a slew of titles, including Flash Player, Photoshop, Reader and Shockwave.
  • How to Opt Out of Equifax Revealing Your Salary History

    Krebs on Security
    A KrebsOnSecurity series on how easy big-three credit bureau Equifax makes it to get detailed salary history data on tens of millions of Americans apparently inspired a deeper dive on the subject by Fast Company, which examined how this Equifax division has been one of the company's best investments. In this post, I'll show you how to opt out of yet another Equifax service that makes money at the expense of your privacy.
  • Hack of Attack-for-Hire Service vDOS Snares New Mexico Man

    Krebs on Security
    A New Mexico man is facing federal hacking charges for allegedly using the now defunct attack-for-hire service vDOS to launch damaging digital assaults aimed at knocking his former employer's Web site offline. Prosecutors were able to bring the case in part because vDOS got massively hacked last year, and its customer database of payments and targets leaked to this author and to the FBI.
  • DDoS-for-Hire Service Launches Mobile App

    Krebs on Security
    In May 2013 KrebsOnSecurity wrote about Ragebooter, a service that paying customers can use to launch powerful distributed denial-of-service (DDoS) attacks capable of knocking individuals and Web sites offline. The owner of Ragebooter subsequently was convicted in 2016 of possessing child pornography, but his business somehow lived on while he was in prison. Now just weeks after Poland made probation, a mobile version of the attack-for-hire service has gone up for sale on the Google Play store.
  • Simple Banking Security Tip: Verbal Passwords

    Krebs on Security
    There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers (SSN/DOB) that are broadly for sale in the cybercrime underground. At some point, however, I decided this wasn't acceptable for institutions that held significant chunks of our money, and I began taking our business away from those that wouldn't let me add a simple verbal passphrase that needed to be uttered before any account details could be discussed over the phone.
  • 2nd Breach at Verticalscope Impacts Millions

    Krebs on Security
    For the second time in as many years, hackers have compromised Verticalscope.com, a Canadian company that manages hundreds of popular Web discussion forums totaling more than 45 million user accounts. Evidence of the breach was discovered just before someone began using that illicit access as a commercial for a new paid search service that indexes consumer information exposed in corporate data breaches.
  • Equifax Reopens Salary Lookup Service

    Krebs on Security
    Equifax has re-opened a Web site that lets anyone look up the salary history of a large portion of the American workforce using little more than a person's Social Security number and their date of birth. The big-three credit bureau took the site down just hours after I wrote about it on Oct. 8, and began restoring the site eight days later saying it had added unspecified "security enhancements."
  • Fear the Reaper, or Reaper Madness?

    Krebs on Security
    Last week we looked at reports from China and Israel about a new "Internet of Things" malware strain called "Reaper" that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorders (DVRs). Now some botnet experts are calling on people to stop the "Reaper Madness," saying the actual number of IoT devices infected with Reaper right now is much smaller.

    Arbor Networks said it believes the current actual size of the Reaper botnet fluctuates between 10,000 and 20,000 bots total. Arbor notes that this can change any time.

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place