The largest cyber security blog
Microsoft is now offering Windows 7 users “Service Pack 1,” a bundle of security updates and minor feature improvements. If you’re thinking about installing this update, read on for a few caveats and tips that may change your mind. First off, this service pack is mainly a bundle of previously-released security updates. If you are … Читать далее
How do you chronicle the struggle for control of an underground empire when neither combatant wants to admit that he is fighting or even that a war is underway? That’s the nature of a business-feud turned turf-war that is playing out right now between the bosses of two of the Internet’s largest illicit pharmacy operations. … Читать далее
An organized crime group thought to include individuals responsible for the notorious Storm and Waledac worms generated more than $150 million promoting rogue online pharmacies via spam and hacking, according to data obtained by KrebsOnSecurity.com. In June 2010, an anonymous source using the assumed name “Despduck” began an e-mail correspondence with a key anti-spam source … Читать далее
An online bank robbery in which computer crooks stole $63,000 from a Kansas car dealership illustrates the deftness with which cyber thieves are flouting the meager security measures protecting commercial accounts at many banks. At 7:45 a..m. Monday, Nov. 1, 2010, the controller for Abilene, Kansas based Green Ford Sales, Inc. logged into his account … Читать далее
I recently returned from a trip to Russia, where I traveled partly to interview a few characters involved in running the world’s biggest illicit online pharmacies. I arrived just days after the real fireworks, when several truckloads of masked officers from Russian drug enforcement bureaus raided a party thrown exclusively for the top moneymakers of … Читать далее
KrebsOnSecurity.com was honored at the annual Social Security Blogger Awards at the RSA security conference in San Francisco this week. Judges and voters picked this blog as the one they thought best represents the security industry today. Among the four other finalists in this category were some fairly big names (in no particular order): * … Читать далее
A new version of Java fixes at least 21 security flaws in the widely-distributed software bundle. Updates are available for Windows, Linux and Solaris users. If you’re curious about the security updates included in Java 6 Update 24, see the release notes from Oracle. As I have shown in many stories on this blog, outdated … Читать далее
On February 8, 2009, a customer at an ATM at a Bank of America branch in Sun Valley, Calif., spotted something that didn’t look quite right about the machine: A silver, plexiglass device had been attached to the ATM’s card acceptance slot, in a bid to steal card data from unsuspecting ATM users. But the … Читать далее
A company that is helping the federal government track down cyberactivists who have been attacking business which refused to support Wikileaks has itself been hacked by the very same activists. At the center of the storm is a leaderless and anarchic Internet group called Anonymous, which more recently has been coordinating attacks against Egyptian government … Читать далее
Late this week, I heard from several anti-spam activists who alerted me to a nice reminder that spammers don’t always win: Spammers have been promoting their rogue pharmacy sites via images uploaded to free image hosting service imageshack.us. In response, the company appears to have simply replaced those images with the following subtle warning: The … Читать далее