Brian Krebs

(get it in RSS or Atom)

Hacker who plotted to send heroin to Brian Krebs arrested in Italy

Hacker who plotted to send heroin to Brian Krebs arrested in Italy

I don't envy the scriptwriters who are busy at work on the Krebs movie. The news just keeps coming! The latest: Sergei Vovnenko, known as Fly, was arrested under suspicion of trafficking in stolen credit cards as well as plotting to send heroin to the security journalist/crimefighter.

Carwash POS systems hacked, credit card data drained

Carwash POS systems hacked, credit card data drained

Police in the US state of Massachusetts have busted what they say is a gang of thieves who were buying stolen credit cards and using them to buy gift cards that were then sometimes exhausted of their balance, washed clean of data and reloaded with more stolen credit card data.

Sydney teen arrested as hacking hoaxster sends SWAT team to his house

Sydney teen arrested as hacking hoaxster sends SWAT team to his house

Having been told that residents were tied up inside the home, and that shots had been fired, officers swooped on the Bonar Street address at 4.40 am. But it was all a hoax.

16-year-old Canadian boy arrested for over 30 swattings, bomb threats

SWAT team. Image courtesy of Shutterstock.

Police arrested a Canadian 16-year-old who might have been the swatter of not only security journalist Brian Krebs, but also of schools, to which he allegedly made bogus threats of bombs, hostage-taking and active sniper shooting.

Hardware maker LaCie admits to year-long credit card breach

Hardware maker LaCie admits to year-long credit card breach

The major hardware maker has admitted to a nearly year-long credit card breach - just the latest in a string of companies that have suffered Adobe ColdFusion vulnerabilities-related exploits.

Hack of online dating site Cupid Media exposes 42 million plaintext passwords

Hack of online dating site Cupid Media exposes 42 million plaintext passwords

Guess how many times "123456" was used as a password by users. If you answered "close to 2 million times," you win! Now guess which online dating site service has decided to encrypt customer records using salting and hashing in future.

Data-stealing botnets found in major data brokers' servers

Data-stealing botnets found in major public records servers

Servers at Lexis-Nexis, Dun & Bradstreet, and Kroll Background America/HireRight show up in the dashboard of a small, effective botnet run by a service that sells vital personal information on US residents, an investigation has revealed.

California escrow firm shuttered after cyberthieves drained it of $1.5 million

An escrow firm in the US state of California has been run out of business and its nine employees laid off, after a remote access Trojan planted on its system drained it of $1.5 million.

Could this happen to your business?

DDoS-for-hire service is legal and even lets FBI peek in, says a guy with an attorney

Polish programmers jailed for 5 years for DDoS and cyber-extortion of online casino

It's "a public service on a public connection to other public servers", the operator of RageBooter told Brian Krebs, and if sites don't like getting their socks knocked off in DDoS attacks, they should fix recursive DNS and default DNS server settings.

Oh, and yes, he says, he not only cooperates with the FBI, he works with them. He's busy on Tuesdays around 1 p.m., so try later if you need to to launch an attack.

Monday review - the hot 20 stories of the week

Monday review

Catch up with all the security news from the last seven days - it's weekly roundup time.

The Redkit malware exploit gang has a message for security blogger Brian Krebs

The Redkit malware exploit gang has a message for security blogger Brian Krebs

Award-winning security blogger Brian Krebs is loved by everyone on the internet... apart from the criminals.

Find out what they're saying about him in their latest version of the Redkit exploit kit.

The biggest Mac malware attack of all time - blogger names suspected mastermind

Suspected mastermind behind biggest Mac malware attack of all time

Award-winning security blogger Brian Krebs has shared details of his investigation into who might have been behind Flashback - which hit more than 600,000 Mac computers in early 2012

Monday review - the hot 32 stories of the week

Monday review - the hot stories of the week

It's that time of the week again - here's your roundup of everything we wrote in the last seven days.

Hackers launch DDoS attack on security blogger's site, send SWAT team to his home

Brian Krebs SWATted

Brian Krebs was the victim of a caller ID spoof that resulted in armed police surrounding his house. He's pretty sure about the criminal element responsible and has linked the perpetrator(s) to a denial-of-service attack against Ars Technica following its report of Krebs's ordeal.

Hacker selling $700 exploit that hijacks Yahoo email accounts

Hacker selling $700 Yahoo exploit that hijacks email accounts

A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker leverage a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts.

Unmasked! Alleged mastermind of "Project Blitzkrieg" online attack plot against US banks

Alleged mastermind of "Project Blitzkrieg" project targeting US banks is unmasked

Claims are made that a cyber gang is recruiting some 100 botmasters for a Trojan attack against 30 US bank, and the plot's alleged mastermind is unmasked.

But given the alleged fraudster's flamboyant claims, can we be sure he's not a trap set by Russian law enforcement?

Zeus - Exploiting Spear Phishing to Spear Phish

Image (2) zbot-spearphish-thumb.png for post 25130

The Zeus crimeware family has moved into new territory with its latest spam campaign - purporting to be a warning about targeted phishing attacks on ".gov" and ".mil" domains, by Zeus Trojans no less! In fact, one of the latest Read more…

Irresponsible disclosure? That's a big fat zero

Image (1) digital-zero.jpg for post 15645

Brian Krebs has published an interesting interview on his KrebsOnSecurity blog with Evgeny Legerov, the founder of Russian security firm Intevydis. In the interview Legerov reveals that he plans to take the controversial step of releasing details of previously undocumented Read more…