About This Blog   |   Archives   |   RSS Feeds RSS Feed   (What's RSS?)

Archive: August 2008

FBI Warns of Hit Man Scam Resurgence

The FBI is warning people not to be disturbed by an e-mail scam that threatens your life and orders you to pay up to avoid being the target of a hired hit man. The FBI said its Internet Crime Complaint...

By Brian Krebs | August 29, 2008; 10:35 AM ET | Comments (19)

Report Slams U.S. Host as Major Source of Badware

Last week, I examined a series of Web services that make profiting from cyber crime a point-and-click exercise that even the most novice hackers can master. Today, I'd like to highlight the activities of Atrivo, a Concord, Calif., based network...

By Brian Krebs | August 28, 2008; 1:51 PM ET | Comments (70)

White House Imposes New Security Mandate for Federal Agencies

The Bush administration has ordered all federal agencies to adopt new measures to shore up the security of government Web sites, setting a January 2009 deadline for implementing the changes across all dot-gov domains. Agencies will be required to roll...

By Brian Krebs | August 27, 2008; 11:00 AM ET | Comments (15)

Web Fraud 2.0: Thwarting Anti-Spam Defenses

Spammers have made great strides this past year in defeating CAPTCHAs, the distorted text used as a security test to ensure a person and not a machine is behind a computer screen. But automated programs that spammers use to thwart...

By Brian Krebs | August 25, 2008; 7:00 AM ET | Comments (18)

Web Fraud 2.0: Distributing Your Malware

The allure of cyber crime lies in its promise of quick riches, much like that of the illegal drug trade. But building a network of hacked personal computers that can distribute your data-stealing malicious software is a time-consuming process that...

By Brian Krebs | August 22, 2008; 10:19 AM ET | Comments (10)

Opera Update Plugs Multiple Security Holes

Opera has released a software update that fixes at least seven security vulnerabilities in the Web browser program. Users may be prompted to update when they first launch the browser. Alternatively, Opera surfers can simply select "Help" and "Check for...

By Brian Krebs | August 21, 2008; 1:28 PM ET | Comments (5)

Web Fraud 2.0: Digital Forgeries

For businesses, positively identifying someone online - by name, or physical location - is extremely difficult. Many Internet firms seek to verify the identity of customers by requesting scanned copies of their driver's licenses, passports, or utility bills. But what...

By Brian Krebs | August 21, 2008; 7:00 AM ET | Comments (8)

Web Fraud 2.0: Validating Your Stolen Goods

If there is any truth to the old saying that there is no honor among thieves then it is doubly true for thieves who transact with one another yet never actually meet face-to-face. Perhaps that explains the popularity of certain...

By Brian Krebs | August 20, 2008; 7:00 AM ET | Comments (17)

Web Fraud 2.0: Cloaking Connections

These days, nearly every aspect of the underground online economy that supports commercial crime operations has been automated. Online forums and criminal social networking sites have long offered aspiring newbies tips on getting started. But a slew of extremely popular...

By Brian Krebs | August 19, 2008; 10:01 AM ET | Comments (5)

Q&A With FBI's Cyber Division Chief

At the end of the Black Hat hacker convention in Las Vegas a week ago Thursday, I had a few minutes to sit down with James Finch, head of the FBI's Cyber Division. What follows is an excerpted Q&A from...

By Brian Krebs | August 18, 2008; 11:44 AM ET | Comments (41)

Microsoft Patches 26 Security Holes

Microsoft today released updates to fix at least 26 security vulnerabilities in its Windows operating systems and other software. At least 17 of those flaws earned Microsoft's "critical" rating, meaning they could be exploited to break into vulnerable systems with...

By Brian Krebs | August 12, 2008; 4:01 PM ET | Comments (36)

New Tool to Automate Cookie Stealing from Gmail, Others

LAS VEGAS, NEV. -- If you use Gmail and haven't yet taken advantage of a feature Google 
unveiled last week to prevent hackers from hijacking your inbox, now would be an excellent time to do that. A security researcher at...

By Brian Krebs | August 10, 2008; 2:02 PM ET | Comments (22)

Georgian Web Sites Under Attack

As Russian bombs rained down on towns in separatist towns of the former Soviet republic of Georgia, hackers mounted a digital assault on the nation's top Web properties this week, knocking government Web sites offline and defacing others. According to...

By washingtonpost.com Editors | August 10, 2008; 12:05 AM ET | Comments (35)

Wireless Awareness: Don't Be A Sheep

LAS VEGAS, NEV. -- iPhones and other mobile devices with wireless access were among the top contributors to this year's "Wall of Sheep," a public shaming exercise debuting at the Black Hat security conference in Las Vegas this week that...

By washingtonpost.com Editors | August 8, 2008; 1:40 PM ET | Comments (16)

Researchers Warn of Social Networking Scams

LAS VEGAS, NEV. -- Social networking sites like Facebook, MySpace and LinkedIn are fast emerging as some of the most fertile grounds for malicious software, identity thieves and online mischief-makers. And while some of the talks given here at the...

By washingtonpost.com Editors | August 7, 2008; 5:30 PM ET | Comments (6)

Online Crime Gang Stole Millions

LAS VEGAS, NEV. -- To gain a grasp of just how badly organized cyber-crime groups are fleecing American banks and consumers, it may be instructive to look at the details released this week about the operations of a single online...

By washingtonpost.com Editors | August 7, 2008; 3:05 PM ET | Comments (5)

Kaminsky Details DNS Flaw at Black Hat Talk

LAS VEGAS, NEV. -- Roughly 85 percent of Fortune 500 companies have patched their networks to fix a security flaw that lets cyber criminals redirect visitors to counterfeit or malicious Web sites, but Internet users still remain at grave risk...

By washingtonpost.com Editors | August 7, 2008; 12:30 AM ET | Comments (9)

Microsoft to Open Kimono on Security Patches

In a bid to help the security industry stay a step ahead of cyber crooks, Microsoft will release additional details behind the vulnerabilities it patches each month to anti-virus companies and other large vendors of Windows security software. While Microsoft...

By Brian Krebs | August 5, 2008; 10:08 AM ET | Comments (4)

Apple Patches DNS Flaw and 16 Other Holes

Apple released updates to fix at least 17 different security holes in its OS X operating system and other software late Thursday, including a patch for the domain name system (DNS) vulnerability that many other affected vendors addressed nearly three...

By Brian Krebs | August 1, 2008; 9:45 AM ET | Comments (10)

 

©  The Washington Post Company