Top IT Security Bloggers
Krebs on Security
-
Critical Update for Adobe Reader & Acrobat
Krebs on SecurityAdobe has released a security update for its Acrobat and PDF Reader products that fixes at least eight critical vulnerabilities in Mac and Windows versions of the software. If you use either of these programs, please take a minute to update now. -
Breach at Goodwill Vendor Lasted 18 Months
Krebs on SecurityC&K Systems Inc., a third-party payment vendor blamed for a credit and debit card breach at more than 330 Goodwill locations nationwide, disclosed this week that the intrusion lasted more than 18 months and has impacted at least two other organizations. -
LinkedIn Feature Exposes Email Addresses
Krebs on SecurityOne of the risks of using social media networks is having information you intend to share with only a handful of friends be made available to everyone. Sometimes that over-sharing happens because friends betray your trust, but more worrisome are the cases in which a social media platform itself exposes your data in the name of marketing. -
Critical Fixes for Adobe, Microsoft Software
Krebs on SecurityAdobe today released updates to fix at least a dozen critical security problems in its Flash Player and AIR software. Separately, Microsoft pushed four update bundles to address at least 42 vulnerabilities in Windows, Internet Explorer, Lync and .NET Framework. -
In Wake of Confirmed Breach at Home Depot, Banks See Spike in PIN Debit Card Fraud
Krebs on SecurityNearly a week after this blog first reported signs that Home Depot was battling a major security incident, the company has acknowledged that it suffered a credit and debit card breach dating back to April 2014 involving its U.S. and Canadian stores. Home Depot was quick to assure customers and banks that no debit card PIN data was compromised in the break-in. Nevertheless, multiple financial institutions contacted by this publication are reporting a steep increase over the past few days in fraudulent ATM withdrawals on customer accounts. -
Home Depot Hit By Same Malware as Target
Krebs on SecurityThe apparent credit and debit card breach uncovered this week at Home Depot was aided in part by a new variant of the same malicious software that stole card account data from cash registers at Target last December, according to sources close to the investigation. -
Dread Pirate Sunk By Leaky CAPTCHA
Krebs on SecurityEver since October 2013, when the FBI took down the online black market and drug bazaar known as the Silk Road, privacy activists and security experts have traded conspiracy theories about how the U.S. government managed to discover the geographic location of the Silk Road Web servers. Those systems were supposed to be obscured behind the anonymity service Tor, but as court documents released Friday explain, that wasn't entirely true: Turns out, the login page for the Silk Road employed an anti-abuse CAPTCHA service that pulled content from the open Internet, thus leaking the site's true location. -
Data: Nearly All U.S. Home Depot Stores Hit
Krebs on SecurityNew data gathered from the cybercrime underground suggests that the apparent credit and debit card breach at Home Depot involves nearly all of the company's stores across the nation. -
Banks: Credit Card Breach at Home Depot
Krebs on SecurityMultiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity. […] -
Fun With Funny Money
Krebs on SecurityReaders or "fans" of this blog have sent some pretty crazy stuff to my front door over the past few years, including a gram of heroin, a giant bag of feces, an enormous cross-shaped funeral arrangement, and a heavily armed police force. Last week, someone sent me a far less menacing package: an envelope full of cash. Granted, all of the cash turned out to be counterfeit money, but hey it's the thought that counts, right?