Обвинительное заключение, судебные иски оживляют историю Трампа с Альфа-банком

В октябре 2016 года СМИ сообщили, что данные, собранные самыми известными в мире экспертами по кибербезопасности, выявили частые и необъяснимые переписки между сервером электронной почты, используемым организацией Трампа, и Альфа-банком, одним из крупнейших российских финансовых учреждений. Эти публикации породили спекуляции о возможном секретном обратном канале связи, а также серию судебных исков и расследований, кульминацией которых … Читать далее

Crooks Continue to Exploit GoDaddy Hole

Godaddy.com, the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal. On … Читать далее

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com, the world’s largest domain name … Читать далее

Are the Days of “Booter” Services Numbered?

It may soon become easier for Internet service providers to anticipate and block certain types of online assaults launched by Web-based attack-for-hire services known as “booter” or “stresser” services, new research released today suggests. The findings come from researchers in Germany who’ve been studying patterns that emerge when miscreants attempt to mass-scan the entire Internet … Читать далее

DDoS on Dyn Impacts Twitter, Spotify, Reddit

Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers. Twitter is experiencing problems, as seen through the social media platform Hootsuite. In a statement, Dyn said that this morning, October 21, … Читать далее

KrebsOnSecurity Hit With Record DDoS

On Tuesday evening, KrebsOnSecurity.com was the target of an extremely large and unusual distributed denial-of-service (DDoS) attack designed to knock the site offline. The attack did not succeed thanks to the hard work of the engineers at Akamai, the company that protects my site from such digital sieges. But according to Akamai, it was nearly double … Читать далее

The Democratization of Censorship

John Gilmore, an American entrepreneur and civil libertarian, once famously quipped that “the Internet interprets censorship as damage and routes around it.” This notion undoubtedly rings true for those who see national governments as the principal threats to free speech. However, events of the past week have convinced me that one of the fastest-growing censorship … Читать далее

Triple DDoS vs. KrebsOnSecurity

“When nobody hates you, nobody knows you’re alive.” – Diplomacy, by Chris Smither During the last week of July, a series of steadily escalating cyber attacks directed at my Web site and hosting provider prevented many readers from being able to reach the site or read the content via RSS. Sorry about that. What follows … Читать далее

RSA Among Dozens of Firms Breached by Zero-Day Attacks

This is the second installment of a multi-part series examining the tools and tactics used by attackers in the RSA breach and other recent network intrusions characterized as “ultra-sophisticated” and “advanced persistent threats.”  If you missed the first piece, please check out Advanced Persistent Tweets: Zero-Day in 140 Characters. The recent data breach at security … Читать далее