Credit to Author: BrianKrebs| Date: Wed, 12 Apr 2017 14:23:15 +0000
Adobe and Microsoft separately issued updates on Tuesday to fix a slew of security flaws in their products. Adobe patched dozens of holes in its Flash Player, Acrobat and Reader products. Microsoft pushed fixes to address dozens of vulnerabilities in Windows and related software.
Read more
Credit to Author: BrianKrebs| Date: Tue, 11 Apr 2017 15:51:46 +0000
Over the past several days, many Western news media outlets have predictably devoured thinly-sourced reporting from a Russian publication that the arrest last week of a Russian spam kingpin in Spain was related to hacking attacks linked to last year’s U.S. election. While there is scant evidence that the spammer’s arrest had anything to do with the election, the success of that narrative is a sterling example of how the Kremlin’s propaganda machine is adept at manufacturing fake news, undermining public trust in the media, and distracting attention away from the real story.
Read more
Credit to Author: BrianKrebs| Date: Mon, 10 Apr 2017 04:17:09 +0000
Authorities in Spain have arrested a Russian computer programmer thought to be one of the world’s most notorious spam kingpins. Spanish police arrested Pyotr Levashov under an international warrant executed in the city of Barcelona, according to Reuters. Russian state-run television station RT (formerly Russia Today) reported that Levashov was arrested while vacationing in Spain with his family. According to numerous stories here at KrebsOnSecurity, Levashov was better known as “Severa,” the hacker moniker used by a pivotal figure in many popular Russian-language cybercrime forums. Severa was the moderator for the spam subsection of multiple online communities, and in this role served as the virtual linchpin connecting virus writers with huge spam networks that Severa allegedly created and sold himself.
Read more
Credit to Author: BrianKrebs| Date: Fri, 07 Apr 2017 16:57:11 +0000
Video game giant GameStop Corp. [NSYE: GME] says it is investigating reports that hackers may have siphoned credit card and customer data from its website — gamestop.com. The company acknowledged the investigation after being contacted by KrebsOnSecurity.
Read more
Credit to Author: BrianKrebs| Date: Thu, 06 Apr 2017 14:22:55 +0000
The author of a banking Trojan called Nuclear Bot — a teenager living in France — recently released the source code for his creation just months after the malware began showing up for sale in cybercrime forums. Now the young man’s father is trying to convince him not to act on a job offer in the United States, fearing it may be a trap set by law enforcement agents.
Read more
Credit to Author: BrianKrebs| Date: Tue, 04 Apr 2017 18:41:33 +0000
“He built a piece of software. That tool was pirated and abused by hackers. Now the feds want him to pay for the computer crooks’ crimes.” The above snippet is the subhead of a story published last month by the Daily Beast titled “FBI Arrests Hacker Who Hacked No One.” The subject of that piece — a 26-year-old American named Taylor Huddleston — faces felony hacking charges connected to two computer programs he authored and sold: An anti-piracy product called Net Seal, and a Remote Administration Tool (RAT) called NanoCore that he says was a benign program designed to help users remotely administer their computers. The author of the Daily Beast story, former black hat hacker and Wired.com editor Kevin Poulsen, argues that Huddelston’s case “raises a novel question: When is a programmer criminally responsible for the actions of his users? Some experts say [the case] could have far reaching implications for developers, particularly those working on new technologies that criminals might adopt in unforeseeable ways.” But a closer look at the government’s side of the story — as well as public postings left behind by the accused and his alleged accomplices — paints a more complex and nuanced picture that suggests this may not be the case to raise that legal question in a meaningful way.
Read more
Credit to Author: BrianKrebs| Date: Fri, 31 Mar 2017 16:33:24 +0000
Once you understand how easy and common it is for thieves to attach “skimming” devices to ATMs and other machines that accept debit and credit cards, it’s difficult not to closely inspect and even tug on the machines before using them. Several readers who are in the habit of doing just that recently shared images of skimmers they discovered after gently pulling on various parts of a cash machine they were about to use.
Read more
Credit to Author: BrianKrebs| Date: Thu, 30 Mar 2017 21:33:48 +0000
Many readers are understandably concerned about recent moves by the U.S. Congress that would roll back privacy rules barring broadband Internet service providers (ISPs) from sharing or selling customer browsing history, among other personal data. Some are concerned enough by this development that they’re looking at obfuscating all of their online browsing by paying for a subscription to a virtual private networking (VPN) service. This piece is intended to serve as a guidepost for those contemplating such a move.
Read more