Archive: U.S. Government
Gov't Secrecy and the Mysterious Cyber Initative
The secrecy surrounding the Bush administration's updated National Cyber Security Initiative -- designed to improve the government's digital defenses and put forth an offensive information warfare doctrine -- is endangering the deterrent value of the project and appears to be...
By Brian Krebs | May 15, 2008; 03:50 PM ET | Comments (2)
Three Charged With Hacking Dave & Buster's Chain
Three men have been indicted for hacking into a number of cash registers at Dave & Buster's restaurant locations nationwide to steal data from thousands of credit and debit cards, data that was later sold or used to cause more...
By Brian Krebs | May 14, 2008; 05:15 PM ET | Comments (3)
Online Sellers: Beware of Fake Check Scams
If you sell enough stuff online at sites like Craigslist and eBay, eventually you will receive an offer for your wares that far exceeds your asking price. Such offers are often the first stage of a scam in which the...
By Brian Krebs | May 13, 2008; 11:30 AM ET | Comments (6)
Stepped Up Cyber Role for Spy Agencies
Read Brian Krebs's latest story on washingtonpost.com: "White House Plans Proactive Cyber-Security Role for Spy Agencies." America's spy agencies for the first time would be tasked with gathering intelligence on threats to the nation's computer networks under a policy set...
By washingtonpost.com Editors | May 2, 2008; 12:46 PM ET | Comments (7)
Cyber Justice Chronicles
Security Fix is launching a new feature today called Cyber Justice Chronicles, which will periodically provide short snippets of news about individuals who have been arrested or convicted of computer crime offenses. Law enforcement takes its share of lumps for...
By Brian Krebs | May 1, 2008; 05:15 PM ET | Comments (4)
A Case of Network Identity Theft?
Digital real estate leased to one of the Internet's oldest landholders appears to have been quietly seized by e-mail marketers closely associated with an individual once tagged by anti-spam groups as one of the world's most notorious spammers. What's remarkable...
By Brian Krebs | April 28, 2008; 06:35 PM ET | Comments (13)
A Shifting Definition of 'Severity'
Microsoft this week issued a study that examines the malicious software threat to Windows computers ... a report clearly written from the software giant's vantage point. While the report includes some interesting stats about which malware samples were most prevalent...
By Brian Krebs | April 22, 2008; 09:00 AM ET | Comments (1)
Identity Theft Smash & Grab, CEO Style
Tens of thousands of corporate executives were the target of a series of identity-theft scams this week, e-mail-borne schemes that appear to have netted close to 2,000 victims so far. Early Monday morning, according to two security experts with firsthand...
By Brian Krebs | April 15, 2008; 10:44 PM ET | Comments (30)
Online Banking: Do You Know Your Rights?
The financial industry in the United Kingdom recently reaffirmed a policy that holds online banking customers liable for losses if they fail to secure their personal computers against data-stealing computer viruses. While this policy may seem surprising or even draconian...
By Brian Krebs | April 10, 2008; 08:49 AM ET | Comments (27)
Get Paid to Find 'Back Doors'
A security research and training group is offering up to $20,000 in grants to anyone with computer programming chops who can help locate and close hidden "back doors" in commercial hardware and software. According to the Bethesda, Md.-based SANS Institute...
By Brian Krebs | April 9, 2008; 12:55 PM ET | Comments (7)
Consumers Report $239 Million Lost To Cyber Fraud In '07
U.S. consumers reported losing more than $239 million from online fraud last year, up from $198 million in 2006, according to data released today by the FBI. Internet auction fraud (35.7 percent) and merchandise non-delivery (24.9 percent) were the most...
By Brian Krebs | April 4, 2008; 12:49 PM ET | Comments (2)
Reach Out And Hack Someone
Gone are the days when telephones were dumb appliances that you simply plugged into the wall and forgot: Security researchers from one Internet security firm say they have located more than 100 vulnerabilities in hardware and software that powers the...
By Brian Krebs | April 3, 2008; 05:15 PM ET | Comments (10)
Secret Service Agent To Lead DHS Cyber Division
A cybercrime investigator at the U.S. Secret Service has been named to head the Department of Homeland Security's National Cyber Security Division, Security Fix has learned. Cornelius F. Tate, a graduate of University of Mississippi, currently heads up the Technical...
By Brian Krebs | April 3, 2008; 12:43 PM ET | Comments (1)
8.3 Million Records Spilled in Data Breaches This Year
At least 8.3 million personal and financial records of consumers were potentially compromised by data spills or breaches at businesses, universities and government agencies in the first quarter of 2008, according to statistics released today. The San Diego based Identity...
By Brian Krebs | April 2, 2008; 03:00 PM ET | Comments (7)
Cyber Attacks on the Campaign Trail
It is rare for the key topics typically covered in this blog -- cybercrime and computer security -- to be wielded as talking points by a major presidential candidate. But in a foreign policy speech last week, presumptive Republican Party...
By Brian Krebs | March 31, 2008; 03:08 PM ET | Comments (8)
The Curious Case of Dmitry Golubov
Earlier this month, Security Fix took a look at Dmitry Ivanovich Golubov, a Ukrainian politician once considered by U.S. law enforcement to be a top cybercrime boss. Golubov took rather strong exception to the way he was characterized in that...
By Brian Krebs | March 28, 2008; 10:50 AM ET | Comments (16)
U.S.-Based ISPs Count Known Terror Groups as Clients
Herndon, Va.-based Network Solutions said Wednesday that it suspended Hizbollah.org, an official site of Hezbollah, a Lebanese political and paramilitary group. Turns out, Network Solutions, which was one of the original firms in the domain registration business, was accepting payment...
By Brian Krebs | March 27, 2008; 04:46 PM ET | Comments (11)
White House Taps Tech Entrepreneur For Cyber Post
The Bush administration is planning to tap a Silicon Valley entrepreneur to head a new inter-agency group charged with coordinating the federal government's efforts to protect its computer networks from organized cyber attacks. Sources in the government contracting community said...
By Brian Krebs | March 19, 2008; 11:11 PM ET | Comments (1)
The FDIC Computer Intrusion Report
Last week, Security Fix featured the highlights from a non-public report by the Federal Deposit Insurance Corp. (FDIC) that examined a huge recent spike in the cost of computer intrusions for banks and consumers. I chose not to publish the...
By Brian Krebs | March 5, 2008; 10:12 AM ET | Comments (8)
Wall Street Reports Increase In PC Intrusions In '07
On Thursday, Security Fix featured an exclusive look at data pulled from an unreleased government report showing a steep increase in the amount of funds that banks, businesses and consumers lost last year due to computer hacking and malicious software...
By Brian Krebs | February 22, 2008; 09:40 AM ET | Email a Comment
Banks: Losses From Computer Intrusions Up in 2007
U.S. financial institutions reported a sizable increase last year in the number of computer intrusions that led to online bank account takeovers and stolen funds, according to data obtained by Security Fix. The data also suggest such incidents are becoming...
By Brian Krebs | February 20, 2008; 10:40 AM ET | Comments (19)
Research May Hasten Death of Mobile Privacy Standard
Researchers at a computer security conference in Washington, D.C. this week detailed a method for dramatically reducing the cost and time needed to crack the security that prevents eavesdropping of GSM-based mobile phones. The weaknesses in the GSM encryption technology...
By Brian Krebs | February 19, 2008; 12:52 PM ET | Comments (24)
Fake Prez. Campaign Video Spreads Malware
Spammers are taking advantage of public awareness about the U.S. presidential race to trick people into installing malicious software. A recent blast of spam purports to contain links to a video of Sen. Hillary Clinton (D-N.Y.) on the campaign trail,...
By Brian Krebs | February 14, 2008; 04:50 PM ET | Comments (9)
Report: TSA Site Exposed Travelers To ID Theft
A House of Representatives panel yesterday released a damning report about a Transportation Security Administration Web site built to address grievances from travelers errantly flagged by the government's no-fly list. It conlucded that cronyism and a lack of oversight exposed...
By Brian Krebs | January 12, 2008; 09:15 AM ET | Comments (59)
Sears's Privacy Promises Broken?
Sears is having a bit of a rough day with the privacy community. The company got off to a rocky start with revelations that many customers who gave Sears their personal details after shopping at the company's Web site also...
By Brian Krebs | January 3, 2008; 06:40 PM ET | Comments (72)
Feds Put More Botmasters, Phishers Behind Bars
The FBI today released details of several cybercrime cases against individuals accused of defrauding banks, companies and consumers of more than $20 million with the help of "botnets," large groupings of hijacked personal computers. The computer crime crackdown is Part...
By Brian Krebs | November 29, 2007; 01:00 PM ET | Comments (17)
MPAA University 'Toolkit' Raises Privacy Concerns
The Motion Picture Association of America is urging some of the nation's largest universities to deploy custom software designed to pinpoint students who may be using the schools' networks to illegally download pirated movies. A closer look at the MPAA's...
By Brian Krebs | November 23, 2007; 06:30 AM ET | Comments (105)
Security Pro Admits to Hijacking PCs for Profit
A Los Angeles security professional has admitted to infecting more than a quarter million computers with malicious software and installing spyware that was used to steal personal data and serve victims with online advertisements. John Kenneth Schiefer, 26, variously known...
By Brian Krebs | November 10, 2007; 06:03 PM ET | Comments (140)
Russian Business Network: Down, But Not Out
A major Russian Internet service provider whose client list amounted to a laundry list of organized cyber crime operations appears to have closed shop. But security experts caution that there are signs that the highly profitable network may already be...
By Brian Krebs | November 7, 2007; 12:31 PM ET | Comments (11)
Deconstructing the Fake FTC E-mail Virus Attack
A targeted e-mail virus disguised as an identity theft inquiry from the Federal Trade Commission appears to have successfully compromised more than 500 PCs, including victims at banks, real estate brokerages, law firms and marketing companies. Each of the victims...
By Brian Krebs | November 5, 2007; 06:00 AM ET | Comments (28)
'Net Governance Body Punts On WHOIS Privacy
The nonprofit organization that manages the Internet's domain-name system has voted to punt on a proposed change to the global WHOIS database of Web site name registrants. The changes would have given Web site owners the ability to shield their...
By Brian Krebs | October 31, 2007; 04:20 PM ET | Comments (14)
Calculating the Costs of Cyber Crime
On Monday, Security Fix looked at figures published by the Justice Department suggesting that the FBI had between 3 and 6 percent of its field agents dedicated to fighting cyber crime. On the surface, that number may seem low for...
By Brian Krebs | September 27, 2007; 11:25 AM ET | Comments (6)
Is Cyber Crime Really the FBI's No. 3 Priority?
The Federal Bureau of Investigation says that its No. 3 priority is protecting the United States "against cyber-based attacks and high-technology crimes." Given the increasing pervasiveness and costs associated with such crime, FBI Director Robert Mueller should be commended for...
By Brian Krebs | September 24, 2007; 03:14 PM ET | Comments (16)
Attacks Prompt Update for 'Tor' Anonymity Network
One of the best-known and free services for helping Internet users maintain their anonymity online - a network known simply as "Tor" -- suffered an attack this past week that may have exposed the identities of thousands of users. The...
By Brian Krebs | August 8, 2007; 02:00 PM ET | Comments (1)
LexisNexis Warns of Consumer Database Breaches
Last month, Security Fix wrote that scam artists were trying to steal the login credentials that law enforcement officers use to access their accounts at Accurint, a database operated by LexisNexis owner ReedElsevier that contains highly detailed and personal files...
By Brian Krebs | June 21, 2007; 09:34 AM ET | Comments (6)
DHS to Answer for Hundreds of Cyber Break-Ins
The Department of Homeland Security's chief information officer is expected to receive a tongue-lashing from lawmakers on Capitol Hill Wednesday, where an oversight committee will present data showing hundreds of digital break-ins and shoddy security practices at the very agency...
By Brian Krebs | June 19, 2007; 05:15 PM ET | Comments (18)
House Approves Anti-Caller ID Spoofing Bill
The U.S. House of Representatives on Wednesday approved legislation that would make it a crime for someone to fake their phone's outgoing Caller ID information for nefarious purposes. The "Truth in Caller ID Act of 2007" would make it "unlawful...
By Brian Krebs | June 14, 2007; 05:01 PM ET | Comments (8)
Spy vs. I-Spy: A Tale of Dueling Anti-Spyware Bills
The House of Representatives last week passed a bill called the "I-SPY Act" -- a.k.a. the "Internet Spyware Prevention Act of 2007." I believe it's important to highlight the benefits and limitations of this measure. For starters, I-SPY is an...
By Brian Krebs | May 29, 2007; 08:43 AM ET | Comments (3)
Tuning Up Uncle Sam's Cyber Crime Laws
Lawmakers in the House of Representatives on Monday introduced a bill that seeks to modernize the nation's computer crime laws and give prosecutors more leeway and resources in going after cyber crooks. The Cyber-Security Enhancement Act of 2007, authored by...
By Brian Krebs | May 15, 2007; 11:34 AM ET | Comments (4)
