Spammers Abusing Trust in US .Gov Domains
Spammers are abusing ill-configured U.S. dot-gov domains and link shorteners to promote spammy sites that are hidden behind short links ending in”usa.gov”. Spam purveyors are taking advantage of...
View ArticleeBay Asks Users to Downgrade Security
Last week, KrebsOnSecurity received an email from eBay. The company wanted me to switch from using a hardware key fob when logging into eBay to receiving a one-time code sent via text message. I found...
View Article‘Petya’ Ransomware Outbreak Goes Global
A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in...
View ArticleWho is the GovRAT Author and Mirai Botmaster ‘Bestbuy’?
In February 2017, authorities in the United Kingdom arrested a 29-year-old U.K. man on suspicion of knocking more than 900,000 Germans offline in an attack tied to Mirai, a malware strain that enslaves...
View ArticleKrebs Given ISSA’s ‘President’s Award’
KrebsOnSecurity was honored this month with the 2017 President’s Award for Public Service from the Information Systems Security Association, a nonprofit organization for cybersecurity professionals....
View ArticleThink You’ve Got Your Credit Freezes Covered? Think Again.
I spent a few days last week speaking at and attending a conference on responding to identity theft. The forum was held in Florida, one of the major epicenters for identity fraud complaints in United...
View ArticleBad .Men at .Work. Please Don’t .Click
Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness...
View ArticleLifeLock Bug Exposed Millions of Customer Email Addresses
Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to...
View ArticleCredit Card Issuer TCM Bank Leaked Applicant Data for 16 Months
TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth...
View ArticleWho’s In Your Online Shopping Cart?
Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it...
View Article
More Pages to Explore .....