FEC: Campaigns Can Use Discounted Cybersecurity Services

Credit to Author: BrianKrebs| Date: Thu, 11 Jul 2019 20:41:21 +0000

The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for other non-political entities. The decision comes amid much jostling on Capitol Hill over election security at the state level, and fresh warnings from U.S. intelligence agencies about impending cyber attacks targeting candidates in the lead up to the 2020 election.

Read more

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Credit to Author: BrianKrebs| Date: Tue, 04 Jun 2019 00:16:11 +0000

For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.

Read more

Supreme Court: Police Need Warrant for Mobile Location Data

Credit to Author: BrianKrebs| Date: Fri, 22 Jun 2018 20:30:13 +0000

The U.S. Supreme Court today ruled that the government needs to obtain a court-ordered warrant to gather location data on mobile device users. The decision is a major development for privacy rights, but experts say it may have limited bearing on the selling of real-time customer location data by the wireless carriers to third-party companies.

Read more

Why Is Your Location Data No Longer Private?

Credit to Author: BrianKrebs| Date: Sat, 26 May 2018 16:18:48 +0000

The past month has seen one blockbuster revelation after another about how our mobile phone and broadband providers have been leaking highly sensitive customer information, including real-time location data and customer account details. In the wake of these consumer privacy debacles, many are left wondering who’s responsible for policing these industries? How exactly did we get to this point? What prospects are there for changes to address this national privacy crisis at the legislative and regulatory levels? These are some of the questions we’ll explore in this article.

Read more

Fake News at Work in Spam Kingpin’s Arrest?

Credit to Author: BrianKrebs| Date: Tue, 11 Apr 2017 15:51:46 +0000

Over the past several days, many Western news media outlets have predictably devoured thinly-sourced reporting from a Russian publication that the arrest last week of a Russian spam kingpin in Spain was related to hacking attacks linked to last year’s U.S. election. While there is scant evidence that the spammer’s arrest had anything to do with the election, the success of that narrative is a sterling example of how the Kremlin’s propaganda machine is adept at manufacturing fake news, undermining public trust in the media, and distracting attention away from the real story.

Read more

WikiLeaks Dumps Docs on CIA’s Hacking Tools

Credit to Author: BrianKrebs| Date: Wed, 08 Mar 2017 18:39:11 +0000

WikiLeaks on Tuesday dropped one of its most explosive word bombs ever: A secret trove of documents apparently stolen from the U.S. Central Intelligence Agency (CIA) detailing methods of hacking everything from smart phones and TVs to compromising Internet routers and computers. KrebsOnSecurity is still digesting much of this fascinating data cache, but here are some first impressions based on what I’ve seen so far.

Read more

The Download on the DNC Hack


Over the past few weeks, I’ve been inundated with questions from readers asking why I haven’t written much about two stories that have consumed the news media of late: The alleged Russian hacking attacks against the Democratic National Committee (DNC) and, more recently, the discovery of malware on a laptop at a Vermont power utility that has been attributed to Russian hacker groups. I’ve avoided covering these stories mainly because I don’t have any original reporting to add to them, and because I generally avoid chasing the story of the day — preferring instead to focus on producing original journalism on cybercrime and computer security.

Read more