Skip to main content

Joker’s Stash Carding Market t

Joker’s Stash, by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. and European authorities seized a number of its servers. A […]

The Library of Congress Web Ar...

The Library of Congress Web Archiving Team Goes Agile

Today’s guest post is from Grace Thomas, Senior Digital Collections Specialist on the Library of Congress Web Archiving Team. You can read more about the Web Archiving Team right here on the Signal. In the web archiving community, we build the plane and fly it simultaneously. While this pattern is present in most disciplines, web […]

Microsoft Patch Tuesday, Janua...

Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote […]

SolarWinds: What Hit Us Could ...

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the […]

Exploring the Past with Sanbor...

Walk the streets of any U.S. city today, and you might come across historic markers or masonry etchings indicating what the buildings used to be. It is always fascinating to learn what our neighborhoods, cities, and towns used to be —factories turned residences, street names changed, the places and spaces our predecessors lived, ate, and […]

Ubiquiti: Change Your Password...

Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely […]

Sealed U.S. Court Records Expo...

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts. The judicial branch agency said […]

All Aboard the Pequod!

Like countless others, I frittered away the better part of Jan. 6 doomscrolling and watching television coverage of the horrifying events unfolding in our nation’s capital, where a mob of President Trump supporters and QAnon conspiracy theorists was incited to lay siege to the U.S. Capitol. For those trying to draw meaning from the experience, […]

Library Professionals Saving T...

On this week’s Princh Library Blog post guest writer Anne Reddacliff, Australian librarian, shares the initiatives of the ALIA Sustainable Libraries Group to save the planet. The group saving the planet At ALIA Sustainable Libraries Group our aim is not just to help libraries and librarians with green initiatives but to help them save the […]

Hamas May Be Threat to 8chan, ...

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, […]

Happy 11th Birthday, KrebsOnSe...

Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And it’s perhaps fitting that this was also a leap year, piling on an extra […]

Volunteer Vignette: We’re all

In today’s post, Sam Schireson interviews a By the People volunteer, Judith, who has gone above and beyond! By the People is a crowdsourced transcription program launched in 2018 at the Library of Congress. Volunteer-created transcriptions are used to make digitized collections more accessible and discoverable on loc.gov. You can read our other Volunteer Vignette on the Signal […]

VMware Flaw a Vector in SolarW...

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned […]

Can you help? Seeking people t...

Experimenting toward the Digital Strategy Visualization of the American English Dialect Recordings Collection (held by the American Folklife Center) in Citizen DJ, a recent experiment from LC Labs. In LC Labs we work collaboratively across the Library of Congress, and with external partners, to advance and the agency’s Digital Strategy. We do this through experimentation, […]

Silver Linings

On this week’s Princh Library Blog post we have guest writer Stephen Abram sharing his thoughts on how the ongoing Covid-19 pandemic has affected libraries, and how libraries can adopt to create the “new norm”. What we learnt A few things are clear now: The COVID-19 crisis and the attendant behavioural changes will last a […]

Malicious Domain in SolarWinds...

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise […]

SolarWinds Hack Could Affect 1...

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name […]