Clik here to view.
Spammers Abusing Trust in US .Gov Domains
Spammers are abusing ill-configured U.S. dot-gov domains and link shorteners to promote spammy sites that are hidden behind short links ending in”usa.gov”. Spam purveyors are taking advantage of...
View ArticleClik here to view.
eBay Asks Users to Downgrade Security
Last week, KrebsOnSecurity received an email from eBay. The company wanted me to switch from using a hardware key fob when logging into eBay to receiving a one-time code sent via text message. I found...
View ArticleClik here to view.
‘Petya’ Ransomware Outbreak Goes Global
A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in...
View ArticleClik here to view.
Who is the GovRAT Author and Mirai Botmaster ‘Bestbuy’?
In February 2017, authorities in the United Kingdom arrested a 29-year-old U.K. man on suspicion of knocking more than 900,000 Germans offline in an attack tied to Mirai, a malware strain that enslaves...
View ArticleClik here to view.
Krebs Given ISSA’s ‘President’s Award’
KrebsOnSecurity was honored this month with the 2017 President’s Award for Public Service from the Information Systems Security Association, a nonprofit organization for cybersecurity professionals....
View ArticleClik here to view.
Think You’ve Got Your Credit Freezes Covered? Think Again.
I spent a few days last week speaking at and attending a conference on responding to identity theft. The forum was held in Florida, one of the major epicenters for identity fraud complaints in United...
View ArticleClik here to view.
Bad .Men at .Work. Please Don’t .Click
Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness...
View ArticleClik here to view.
LifeLock Bug Exposed Millions of Customer Email Addresses
Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to...
View ArticleClik here to view.
Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months
TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth...
View ArticleClik here to view.
Who’s In Your Online Shopping Cart?
Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it...
View Article
