Before You Install Windows 7 Service Pack 1

Microsoft is now offering Windows 7 users “Service Pack 1,” a bundle of security updates and minor feature improvements. If you’re thinking about installing this update, read on for a few caveats and tips that may change your mind. First off, this service pack is mainly a bundle of previously-released security updates. If you are … Читать далее

Pharma Wars

How do you chronicle the struggle for control of an underground empire when neither combatant wants to admit that he is fighting or even that a war is underway? That’s the nature of a business-feud turned turf-war that is playing out right now between the bosses of two of the Internet’s largest illicit pharmacy operations. … Читать далее

SpamIt, Glavmed Pharmacy Networks Exposed

An organized crime group thought to include individuals responsible for the notorious Storm and Waledac worms generated more than $150 million promoting rogue online pharmacies via spam and hacking, according to data obtained by KrebsOnSecurity.com. In June 2010, an anonymous source using the assumed name “Despduck” began an e-mail correspondence with a key anti-spam source … Читать далее

Sold a Lemon in Internet Banking

An online bank robbery in which computer crooks stole $63,000 from a Kansas car dealership illustrates the deftness with which cyber thieves are flouting the meager security measures protecting commercial accounts at many banks. At 7:45 a..m. Monday, Nov. 1, 2010, the controller for Abilene, Kansas based Green Ford Sales, Inc. logged into his account … Читать далее

Russian Cops Crash Pill Pusher Party

I recently returned from a trip to Russia, where I traveled partly to interview a few characters involved in running the world’s biggest illicit online pharmacies. I arrived just days after the real fireworks, when several truckloads of masked officers from Russian drug enforcement bureaus raided a party thrown exclusively for the top moneymakers of … Читать далее

KrebsOnSecurity.com Wins Award

KrebsOnSecurity.com was honored at the annual Social Security Blogger Awards at the RSA security conference in San Francisco this week. Judges and voters picked this blog as the one they thought best represents the security industry today. Among the four other finalists in this category were some fairly big names (in no particular order): * … Читать далее

Java 6 Update 24 Plugs 21 Security Holes

A new version of Java fixes at least 21 security flaws in the widely-distributed software bundle. Updates are available for Windows, Linux and Solaris users. If you’re curious about the security updates included in Java 6 Update 24, see the release notes from Oracle. As I have shown in many stories on this blog, outdated … Читать далее

HBGary Federal Hacked by Anonymous

A company that is helping the federal government track down cyberactivists who have been attacking business which refused to support Wikileaks has itself been hacked by the very same activists. At the center of the storm is a leaderless and anarchic Internet group called Anonymous, which more recently has been coordinating attacks against Egyptian government … Читать далее

Imageshack Swaps Spam Pages for Scam Alerts

Late this week, I heard from several anti-spam activists who alerted me to a nice reminder that spammers don’t always win: Spammers have been promoting their rogue pharmacy sites via images uploaded to free image hosting service imageshack.us. In response, the company appears to have simply replaced those images with the following subtle warning: The … Читать далее