brian-krebs

Remember the security breach at Target where more than 40 million credit card numbers were hacked? It was Brian Krebs who broke the story. He’s a cybercrime and security reporter. 

In order to do his work, Krebs has learned computer code, the Russian language and how to get onto black market websites and cybercrime networks. And cyber criminals who don’t appreciate his work have found creative and frightening ways to harass him, including calling in a fake hostage situation:

“In March of last year, a heavily armed police force showed up at my home à propos of nothing. They call it “swatting.” Somebody had called in a fake hostage situation at my home. They said Russians had broken into my home and shot my wife and that I was hiding in the closet, send guns and forces to get these guys out of my house.

They showed up… [The swat team] had me put my hands up… walk down my front stoop backwards. [They] handcuffed me and put me in the squad car and this is happening at about five, quarter-to-six in the evening on a weekday so all the people trying to come home from work, the police had barricaded the entrance to our neighborhood. People are staring out their windows. It was quite a scene.”

Photo - Daniel Rosenbaum for The New York Times

krebsonsecurity.com
What’s Your Security Maturity Level? — Krebs on Security

waiting to get pwned

Very often, experience is the best teacher here: Data breaches have a funny way of forcing organizations — kicking and screaming — from one vertical column to another in the Security Maturity matrix. Much depends on whether the security professionals in the breached organization have a plan (ideally, in advance of the breach) and the clout for capitalizing on the brief post-breach executive attention on security to ask for changes and resources that can assist the organization in learning from its mistakes and growing.

Laz’s security maturity hierarchy includes five levels:

Level 1 – Information Security processes are unorganized, and may be unstructured. Success is likely to depend on individual efforts and is not considered to be repeatable or scalable. This is because processes would not be sufficiently defined and documented to allow them to be replicated.

Level 2 – Information Security efforts are at a repeatable level where basic project management techniques are established and successes can be repeated. This is due to processes being established, defined, and documented.

Level 3 – Information Security efforts have greater attention to documentation, standardization, and maintenance support.

Level 4 – At this level, an organization monitors and controls its own Information Security processes through data collection and analysis.

Level 5 – This is an optimizing level where Information Security processes are constantly being improved through monitoring feedback from existing processes and introducing new processes to better serve the organization’s particular needs.

Mr. Krebs — a former reporter at The Washington Post who taught himself to read Russian while jogging on his treadmill and who blogs with a 12-gauge shotgun by his side — is so entrenched in the digital underground that he is on a first-name basis with some of Russia’s major cybercriminals. Many call him regularly, leak him documents about their rivals, and try to bribe and threaten him to keep their names and dealings off his blog.
— Brian Krebs, security journalist and all-around interesting character, gets his New York Times profile. You might know him from such work as the Target breach and the Adobe breach.

U.S. Charges 3 With Running Huge Cyberfraud Ring That Stole 1 Billion Email Addresses

A lock icon, signifying an encrypted Internet connection, is seen on an Internet Explorer browser in a photo illustration in Paris April 15, 2014. (PHOTO CREDIT: Reuters/Mal Langsdon)

Two Vietnamese citizens and a Canadian have been charged with running a massive cyberfraud ring that stole 1 billion email addresses, then sent spam offering knockoff software products, the U.S. Department of…

U.S. charges three in ring that stole one billion email addresses

By Lindsay Dunsmuir and Jim Finkle WASHINGTON/BOSTON (Reuters) - Two Vietnamese citizens and a Canadian have been charged with running a massive cyberfraud ring that stole 1 billion email addresses, then sent spam offering knockoff software products, the U.S. Department of Justice said on Friday. The Justice Department described the hacking spree as “one of the largest” data breaches uncovered in U.S. history. It declined to name the email companies that were victimized, though it appeared that the breaches included a massive 2011 attack on email marketing firm Epsilon. Security blogger Brian Krebs reported that Epsilon, a unit of Alliance Data Systems Corp, was among the victims. http://dlvr.it/8sHmXD

Will authentication evolve beyond the basics?

Writing for The Guardian, journalist Andy Meek questions if increasing cyber attacks ultimately mean the end of username and password security.

“The username and password has long been the basic set of authentication credentials that grants access into computer and web-based systems and networks,” he explains.

“But in light of recent data breaches, at least one regulator – New York State’s…

I absolutely love online shopping, but I was a little unnerved last week when I received an unexpected email from Target notifying me that my personal information may have been obtained by unauthorized persons due to a recent security breach.

My first thought… Seriously? Glad I did not start boycotting Walmart yet. Upon reading the email and further investigation, I learned that Target’s website had been hacked and over 40 million customers’ information including credit card info, addresses, phone numbers, names, and email addresses had been compromised.

Hackers hate the guy that helped expose the breach, but online shoppers should really love Brian Krebs. Why should you love him? He helps keep online shoppers safe from cyber crime.

Happy Shopping!

With Luv,

Quinta Nicole
“Online Success Coach”

Connect with me on Facebook —–>> http://www.Facebook.com/QuintaNicole 

Adobe Flash Plagued by More Critical Zero-Days

Adobe Flash Plagued by Zero-Days

In what seems like a recurring nightmare for Adobe, yet another zero-day vulnerability has been discovered recently. According to Adobe, “a critical vulnerability (CVE-2015-0311) exists in Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh,” and “successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are…

Security researcher: compromised devices behind the attacks of the “Lizard Squad” hackers

A security researcher has published a report revealing the major sources of traffic used by the “Lizard Squad” hackers when launching distributed denial-of-service (DDoS) attacks, which disrupt the targeted websites.

According to security researcher Brian Krebs, the “Lizard Squad” hackers have developed malicious software to take control of Internet routers, and especially those…

UK police arrest member of the Lizard Squad hacker group

#ReinoUnido police arrest hacker member of #LizardSquad - #PSN #XboxLive #videojuegos #internet #latism

A member of the Lizard Squad hacker group was arrested in connection with the hacking of the PlayStation Network and Xbox Live video game networks.

Vinnie Omari, one of the hackers who claimed responsibility for the attack on both video game services, was detained yesterday “on suspicion of fraud by false representation and Computer Misuse Act offence” by officers from the Unit of…

Instead Of A Real Response, Perennially Hacked Sony Is Acting Like A Spoiled Teenager

Jody Westby

This article by Jody Westby is spot on. Understanding and actions of the recording industry are often beyond primitive; their actions reflect their aversion to transparency, negative publicity and their dependence on self-serving practices. Their business models are dead, yet they insist on pushing their antiquated agenda. The Sony hackers, whoever and wherever they may be, have…

krebsonsecurity.com
Brian Krebs in Focus of Cybercrime Underground

Over the past six months, “fans” of this Web site and its author [Brian Krebs] have shown their affection in some curious ways. One called in a phony hostage situation that resulted in a dozen heavily armed police surrounding my home. Another opened a $20,000 new line of credit in my name. Others sent more than $1,000 in bogus PayPal donations from hacked accounts. Still more admirers paid my cable bill for the next three years using stolen credit cards. Malware authors have even used my name and likeness to peddle their wares.

But the most recent attempt to embarrass and fluster this author easily takes the cake as the most elaborate: Earlier this month, the administrator of an exclusive cybercrime forum hatched and executed a plan to purchase heroin, have it mailed to my home, and then spoof a phone call from one of my neighbors alerting the local police.

ANONYMOUS HACKER GROUP TO STRIKE SOON

According to TechNews Daily, Anonymous and an Islamic group plan strikes on May 7 on various US banks and institutions.
