Two critical browser patches for iPhones and Macs - plus a quiet patch for a Mac password disclosure glitch we wrote about recently.
04/26/18 5:41 pm
Thank you GDPR.
04/26/18 9:57 am
The 20-year-old CIH virus, aka "Chernobyl", isn't just a museum curiosity. It still has plenty of lessons to teach us today.
04/26/18 7:59 am
The site's down and at least four of its admins have been arrested
04/26/18 7:52 am
The smallest thing about the Yahoo mega-breach is the fine
04/26/18 6:38 am
Authorities in the U.S., U.K. and the Netherlands on Tuesday took down popular online attack-for-hire service WebStresser.org and arrested its alleged administrators. Investigators say that prior to the takedown, the service had more than 136,000 registered users and was responsible for launching somewhere between four and six million attacks over the past three years.
04/25/18 10:41 am
MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records -- apparently for thousands of physicians.
04/23/18 2:18 pm
Facebook has built some of the most advanced algorithms for tracking users, but when it comes to acting on user abuse reports about Facebook groups and content that clearly violate the company's "community standards," the social media giant's technology appears to be woefully inadequate.
04/20/18 5:59 am
In 2016, KrebsOnSecurity exposed a network of phony Web sites and fake online reviews that funneled those seeking help for drug and alcohol addiction toward rehab centers that were secretly affiliated with the Church of Scientology. Not long after the story ran, that network of bogus reviews disappeared from the Web. Over the past few months, however, the same prolific purveyor of these phantom sites and reviews appears to be back at it again, enlisting the help of Internet users and paying people $25-$35 for each fake listing.
04/18/18 9:08 am
Hours after being alerted by KrebsOnSecurity, Facebook last week deleted almost 120 private discussion groups totaling more than 300,000 members who flagrantly promoted a host of illicit activities on the social media network's platform. The scam groups facilitated a broad spectrum of shady activities, including spamming, wire fraud, account takeovers, phony tax refunds, 419 scams, denial-of-service attack-for-hire services and botnet creation tools. The average age of these groups on Facebook's platform was two years.
04/16/18 3:38 pm
The latest Bosch AUTODOME IP range is the only camera with built-in Essential Video Analytics and a pan, tilt and zoom (PTZ) function.
10/01/17 11:17 am
We are entering a period of time when we are going to see an uptick in the number of security threats, both physical and in cyberspace. There is an increasing global unrest. Over the past few months what we’ve seen electorally, in the U.S., but also in Europe and in other parts of the world, has been a manifestation of that.
10/01/17 4:11 am
The Art Institute of Chicago hosts 1.5 million visitors annually, holds 300,000 works of art, serves as the venue for hundreds of private events every year and is a cornerstone of downtown Chicago tourism. All of these factors make security absolutely essential and absolutely challenging.
10/01/17 4:11 am
Iconic American architect Frank Lloyd Wright was commissioned to build a unique residential complex for Buffalo, New York, businessman Darwin D. Martin and his family between 1903 and 1905. Scholars consider the complex of six interconnected buildings as one of Wright’s finest achievements, but the history of the house has been a rocky one.
10/01/17 4:09 am
Bike thefts, drug abuse, assaults and other violent crimes, protest-counterprotest melees, and cyber hackers are crowding onto the ever-expanding plates of college and university police and security forces. But those in the field say they’re up to those myriad challenges thanks to the combination of equipment, technology and training they can bring to bear.
10/01/17 4:08 am
Microsoft has released new Spectre mitigations for Windows 10, which include Intel microcode fixes for CPUs running on Windows.
04/26/18 12:39 pm
Taking a “dirty deeds done dirt cheap” approach, the kit generates an initial malware payload for social-engineering spam campaigns for just $40 per month.
04/26/18 12:33 pm
Not just a miner, the malware also sets up a hidden default account with system administrator privileges, to be used for re-infection and further attacks.
04/26/18 11:21 am
Default configuration of WD’s My Cloud storage device keeps port open for unprivileged data exfiltration within a network.
04/25/18 1:42 pm
In an unusual move, Metamorfo abuses legitimate, signed Windows binaries to load the malicious code.
04/25/18 10:27 am
This Metasploit module exploits a Drupal property injection in the Forms API. Drupal versions 6.x, less than 7.58, 8.2.x, less than 8.3.9, less than 8.4.6, and less than 8.5.1 are vulnerable.
04/26/18 8:01 am
GitList version 0.6 unauthenticated remote code execution exploit.
04/26/18 7:57 am
Red Hat Security Advisory 2018-1254-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Issues addressed include a ridiculous amount of unspecified vulnerabilities.
04/26/18 7:50 am
Red Hat Security Advisory 2018-1252-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed relate to speculative execution.
04/26/18 7:47 am
04/26/18 7:45 am