Author Archives: BrianKrebs

IBM Runs World’s Worst Spam-Hosting ISP?

October 21, 2015

This author has long sought to shame Web hosting and Internet service providers who fail to take the necessary steps to keep spammers, scammers and other online ne’er-do-wells off their networks. Typically, the companies on the receiving end of this criticism are little-known Internet firms. But according to anti-spam activists the title of the Internet’s most spam-friendly provider recently has passed to networks managed by IBM — one of the more recognizable and trusted names in technology and security.

Flash, Java Patches Fix Critical Holes

October 20, 2015

22 Comments

Adobe has issued a patch to fix a zero-day vulnerability in its Flash Player software. Separately, Oracle today released an update to plug more than two-dozen flaws in its Java software. Both programs plug directly into the browser and are highly targeted by malicious software and malefactors. Although Flash and Java are both widely installed, most users could probably ditch each program with little to no inconvenience or regret.

Don’t Be Fooled by Fake Online Reviews Part II

October 19, 2015

66 Comments

In July I wrote about the dangers of blindly trusting online reviews, especially for high-dollar services like moving companies. That piece told the story of Full Service Van Lines, a moving company that had mostly five-star reviews online but whose owners and operators had a long history of losing or destroying their customers’ stuff and generally taking months to actually ship the damaged goods it delivered. Last week, federal regulators shut the company down.

Adobe, Microsoft Push Critical Security Fixes

October 14, 2015

42 Comments

Adobe and Microsoft on Tuesday each released security updates to remedy critical vulnerabilities in their software. Adobe pushed patches to plug at least 56 security holes present in Adobe Reader and Acrobat, as well as a fix for Flash Player that corrects 13 flaws. Separately, Microsoft issued six update bundles to address at least 33 security problems in various versions of Windows, Microsoft Office and other software.

Hacker Who Sent Me Heroin Faces Charges in U.S.

October 13, 2015

110 Comments

A Ukrainian hacker who once hatched a plot to have heroin sent to my Virginia home and then alert police when the drugs arrived had his first appearance in a U.S. court today, after being extradited to the United States to face multiple cybercrime charges.

Arrest of Chinese Hackers Not a First for U.S.

October 13, 2015

8 Comments

The Washington Post reported last week that the Chinese government has quietly arrested a handful of hackers at the urging of the U.S. government, a move described as “an unprecedented step to defuse tensions with Washington at a time when the Obama administration has threatened economic sanctions.” While this a welcome and encouraging development, this is not the first time Beijing has arrested Chinese hackers in response to pressure from the U.S. government.

Credit Card Breach at America’s Thrift Stores

October 12, 2015

28 Comments

Another charity store chain has been hacked: America’s Thrift Stores, an organization that operates donations-based thrift stores throughout the southeast United States, said this week that it recently learned it was the victim of a malware-driven security breach that targeted software used by a third-party service provider.

At Experian, Security Attrition Amid Acquisitions

October 8, 2015

62 Comments

T-Mobile disclosed last week that some 15 million customers had their Social Security numbers and other personal data stolen thanks to a breach at Experian, the largest of the big American consumer credit bureaus. But this actually wasn’t the first time that a hacking incident at Experian exposed sensitive T-Mobile customer data, and that previous breach may hold important clues about what went wrong more recently.

What’s in a Boarding Pass Barcode? A Lot

October 6, 2015

124 Comments

The next time you’re thinking of throwing away a used boarding pass with a barcode on it, consider tossing the boarding pass into a document shredder instead. Two-dimensional barcodes and QR codes can hold a great deal of information, and the codes printed on airline boarding passes may allow someone to discover more about you, your future travel plans, and your frequent flyer account.

Trump Hotel Collection Confirms Card Breach

October 5, 2015

23 Comments

The Trump Hotel Collection, a string of luxury hotel properties tied to business magnate and now Republican presidential candidate Donald Trump, said last week that a year-long breach of its credit card system may have resulted in the theft of cards used at the hotels. The acknowledgement comes roughly three months after this author first reported that multiple financial institutions suspected the hotels were compromised.