Top IT Security Bloggers

Krebs on Security
  • Silk Road Lawyers Poke Holes in FBI’s Story

    Krebs on Security
    New court documents released this week by the U.S. government in its case against the alleged ringleader of the Silk Road online black market and drug bazaar suggest that the feds may have some 'splaining to do.
  • ID Theft Service Customer Gets 27 Months

    Krebs on Security
    A Florida man was sentenced today to 27 months in prison for trying to purchase Social Security numbers and other data from an identity theft service that pulled consumer records from a subsidiary of credit bureau Experian.
  • Apple Releases Patches for Shellshock Bug

    Krebs on Security
    Apple has released updates to insulate Mac OS X systems from the dangerous "Shellshock" bug, a pervasive vulnerability that is already being exploited in active attacks.
  • We Take Your Privacy and Security. Seriously.

    Krebs on Security
    "Please note that [COMPANY NAME] takes the security of your personal data very seriously." If you've been on the Internet for any length of time, chances are very good that you've received at least one breach notification email or letter that includes some version of this obligatory line. But as far as lines go, this one is about as convincing as the classic break-up line, "It's not you, it's me."
  • Signature Systems Breach Expands

    Krebs on Security
    Signature Systems Inc., the point-of-sale vendor blamed for a credit and debit card breach involving some 216 Jimmy John's sandwich shop locations, now says the breach also may have jeopardized customer card numbers at nearly 100 other independent restaurants across the country that use its products.
  • ‘Shellshock’ Bug Spells Trouble for Web Security

    Krebs on Security
    As if consumers weren’t already suffering from breach fatigue: Experts warn that attackers are exploiting a critical, newly-disclosed security vulnerability present countless networks and Web sites that rely on Unix and Linux operating systems. Experts say the flaw, dubbed "Shellshock," is so intertwined with the modern Internet that it could prove challenging to fix, and in the short run is likely to put millions of networks and countless consumer records at risk of compromise.
  • $1.66M in Limbo After FBI Seizes Funds from Cyberheist

    Krebs on Security
    A Texas bank that's suing a customer to recover $1.66 million spirited out of the country in a 2012 cyberheist says it now believes the missing funds are still here in the United States -- in a bank account that's been frozen by the federal government as part of an international cybercrime investigation by the FBI.
  • Jimmy John’s Confirms Breach at 216 Stores

    Krebs on Security
    More than seven weeks after this publication broke the news of a possible credit card breach at nationwide sandwich chain Jimmy John's, the company now confirms that a break-in at one of its payment vendors jeopardized customer credit and debit card information at 216 stores.
  • Who’s Behind the Bogus $49.95 Charges?

    Krebs on Security
    Hardly a week goes by when I don't hear from a reader wondering about the origins of a bogus credit card charge for $49.95 or some similar amount for a product they never ordered. As this post will explain, such charges appear to be the result of crooks trying to game various online affiliate programs by using stolen credit cards.
  • Home Depot: 56M Cards Impacted, Malware Contained

    Krebs on Security
    Home Depot said today that cyber criminals armed with custom-built malware stole an estimated 56 million debit and credit card numbers from its customers between April and September 2014. That disclosure officially makes the incident the largest retail card breach on record.