Massive botnet chews through 20,000 WordPress sites
Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords.
Hacker says USPS ignored serious security flaw for over a year
A security researcher claims the US Postal Service ignored a security flaw affecting 60 million users, until it was contacted by a journalist.
With less than three weeks until the midterm elections, a lot of work has gone into preparing for the threat of election interference. But experts speaking at the CyberTalks conference on Thursday acknowledged that disaster could still strike, and that the officials who run U.S. elections have to be armed with proper resources and resilient systems. “We’re not seeing activity right now relating to direct election hacking. We’re not seeing anything right now along the lines of 2016, and that frankly makes me a little nervous,” said Homeland Security Undersecretary Chris Krebs. “So we’re working aggressively with our partners, the state and local [officials] to work through what an adversary could do with a two-and-a-half-week lead-up to the midterm elections.” U.S. intelligence officials have stressed over the past two years that Russia attempted to interfere in the 2016 election. Krebs said the hope is now to avoid a “failure of […]
The post The key to protecting the midterms is resilience for election systems, experts say appeared first on Cyberscoop.
Brian Krebs interview with Tony Sager, on supply chain security.
The post Krebs/Sager interview on supply chain security appeared first on Security Boulevard.
Teen hacker admits to SWATting schools, airline flight
The teenager made bomb threats to schools, and to a flight between the UK and San Francisco while it was in mid-air.
Mobile spyware maker mSpy leaks millions of records – AGAIN
The irony: Parents put it on kids’ phones to protect them, but this breach exposed sensitive data including WhatsApp and Facebook messages.
Google hasn’t suffered an employee phishing compromise in over a year
Phishing attackers have failed to compromise a single employee account at Google since the company mandated authentication using U2F hardware tokens in early 2017. That’s the remarkable claim made to security writer Brian Krebs.
Sextortion scammers exploit a long-gone password leak to convince victims they know more than they really do.
The post Sextortion and leaked passwords appeared first on Security Boulevard.
A company that provides other companies with cell phone location-tracking services had an API on its website that inadvertently allowed anyone to freely look up the location of almost any cell phone in the United States. The bug was in a demo that the company, LocationSmart, posted on its website. The demo was to show people that it could approximate their phones’ locations using nearby cell towers. A report published Thursday by independent security journalist Brian Krebs shows that it would have been easy for someone to abuse the demo to secretly locate nearly any U.S. phone. LocationSmart is a location-as-a-service company that gives its customers the ability to “track assets, connect with employees and engage with customers through one secure interface,” according to its website. The demo sent a text message to a device to get permission from its owner before pinging the nearest cell phone tower in order to send […]
The post LocationSmart bug allowed for leak of location data for nearly any U.S. phone appeared first on Cyberscoop.
Facebook crime forums existed unchallenged for up to nine years
Cybersecurity blogger Brian Krebs spent just a couple of hours last week hunting for the Facebook forums used by fraudsters, and what he discovered is alarming.