Category Archives: A Little Sunshine

Includes investigative blog posts meant to shine a light on the darker corners of the Internet.

Immunet: A Second Opinion Worth a Second Look

April 14, 2010

Security experts have long maintained that running two different anti-virus products on the same Windows machine is asking for trouble, because the two programs will compete for resources, slow down or even crash the host PC.

But an upstart anti-virus company called Immunet Protect is hoping Windows users shrug off this conventional wisdom, and embrace the dual anti-virus approach. Indeed, the company’s free product works largely by sharing data about virus detections by other anti-virus products on the PCs of the Immunet user community.

TrendMicro Toolbar + Long URL = Fail

April 12, 2010

24 Comments

Many anti-virus products — particularly the “Internet security suite” variety — now ship with various Web browser toolbars, plug-ins and add-ons designed to help protect the customer’s personal information and to detect malicious Web sites. Unfortunately, if designed poorly, these browser extras can actually lower the security posture of the user’s system by introducing security and stability issues.

Hundreds of WordPress Blogs Hit by ‘Networkads.net’ Hack

April 9, 2010

33 Comments

A large number of bloggers using Wordpress are reporting that their sites were recently hacked and redirecting visitors to a page that tries to install malicious software.

ISP Privacy Proposal Draws Fire

April 7, 2010

34 Comments

A proposal to let Internet service providers conceal the contact information for their business customers is drawing fire from a number of experts in the security community, who say the change will make it harder to mitigate the threat from botnets and malicious software.

Computer Crooks Steal $100,000 from Ill. Town

April 6, 2010

32 Comments

A rash of home foreclosures and abandoned dwellings had already taken its toll on the tax revenue for the Village of Summit, a town of 10,000 just outside Chicago. Then, in March, computer crooks broke into the town’s online bank account, making off with nearly $100,000.

e-Banking Guidance for Banks & Businesses

April 6, 2010

14 Comments

One bit of criticism I’ve heard about my stories on small businesses losing their shirts over online banking fraud is that I don’t often enough point out what banks and customers should be doing differently to lessen the chance of suffering one of these incidents. As it happens, a source of mine was recently at a conference where one of the key speakers was a senior official from the Office of the Comptroller of the Currency, one of the main banking industry regulators.

SpyEye vs. ZeuS Rivalry

April 1, 2010

20 Comments

It’s common for malware writers to taunt one another with petty insults nested within their respective creations. Competing crime groups also often seek to wrest infected machines from one another. A very public turf war between those responsible for maintaining… Read More »

Spam Site Registrations Flee China for Russia

March 31, 2010

17 Comments

A crackdown by the Chinese government on anonymous domain name registrations has chased spammers from Chinese registrars (.cn) to those that handle the registration of Russian (.ru) Web site names, new spam figures suggest. Yet, those spammy domains may soon migrate to yet another country, as Russia is set to enforce a policy similar to China’s beginning April 1.

Would You Have Spotted this ATM Fraud?

March 25, 2010

91 Comments

The stories I’ve written on ATM skimmers — devices criminals sometime attach to bank money machines to steal customer data — remain the most popular at Krebs on Security so far. I think part of the public’s fascination with these devices is rooted in the idea that almost everyone uses ATMs, and that it’s entirely possible to encounter this quiet, unassuming type of crime right in very neighborhoods in which we live. Indeed, police in Alexandria, Va. — just a couple of miles to the East of where I live — recently were alerted to the skimmer found on an ATM at a Wachovia Bank there.

Cybersecurity Policy Roundup

March 24, 2010

21 Comments

There are several cybersecurity policy issues on Capitol Hill and elsewhere worth keeping an eye on. Lawmakers in the Senate have introduced a measure that would call for trade restrictions against countries identified as hacker havens. Another proposal is meeting resistance from academics who worry about the effect of the bill’s mandatory certification programs for cyber security professionals.