‘Money Mule’ Gangs Turn to Bitcoin ATMs

Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams. The mules usually are then asked to withdraw the funds in cash and wire the money to the scammers. Increasingly,…

Inside Arizona’s Pump Skimmer Scourge

Crooks who deploy skimming devices made to steal payment card details from fuel station pumps don’t just target filling stations at random: They tend to focus on those that neglect to deploy various tools designed to minimize such scams, including security cameras, non-standard pump locks and tamper-proof security tape. But don’t…

The Democratization of Censorship

John Gilmore, an American entrepreneur and civil libertarian, once famously quipped that “the Internet interprets censorship as damage and routes around it.” This notion undoubtedly rings true for those who see national governments as the principal threats to free speech. However, events of the past week have convinced me that…

KrebsOnSecurity Hit With Record DDoS

On Tuesday evening, KrebsOnSecurity.com was the target of an extremely large and unusual distributed denial-of-service (DDoS) attack designed to knock the site offline. The attack did not succeed thanks to the hard work of the engineers at Akamai, the company that protects my site from such digital sieges. But according to…

DDoS Mitigation Firm Has History of Hijacks

Last week, KrebsOnSecurity detailed how BackConnect Inc. — a company that defends victims against large-scale distributed denial-of-service (DDoS) attacks — admitted to hijacking hundreds of Internet addresses from a European Internet service provider in order to glean information about attackers who were targeting BackConnect. According to an exhaustive analysis of historic…

Adobe, Microsoft Push Critical Updates

Adobe and Microsoft on Tuesday each issued updates to fix multiple critical security vulnerabilities in their software. Adobe pushed a patch that addresses 29 security holes in its widely-used Flash Player browser plug-in. Microsoft released some 14 patch bundles to correct at least 50 flaws in Windows and associated software, including a…

r2con

During the last couple of days in Barcelona, at the aurea social, everyone was at the r2con, to celebrate the 10th birthday of radare2! It was an amazing 3-days event, which first day was dedicated to trainings, while the two others were all about interesting/fancy/weird talks! We did our very…

Congressional Report Slams OPM on Data Breach

The massive data breach at the U.S. Office of Personnel Management (OPM) that exposed background investigations and fingerprint data on millions of Americans was the result of a cascading series of cybersecurity blunders from the agency’s senior leadership on down to the outdated technology used to secure the sensitive data, according to a…