You are browsing archives for
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching […]
In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month […]
Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month’s patch batch from Redmond are fixes for two other weaknesses that now have public proof-of-concept exploits available. Microsoft and […]
In this week’s Princh Library Blog, recurring guest writer Nina Grant talks about an emerging sensation among couples – library weddings. Enjoy! Wedding trends are always shifting, but one unique idea is quietly stealing the show—and it’s all happening between the stacks. While traditional ceremonies still reign, more and more couples are choosing libraries as their […]
A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking help with trademarks, book writing, mobile app development and logo designs, a new […]
An employee at Elon Musk’s artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk’s companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned. […]
Last week, I tripped across a couple of posts from MIT that I thought included the clearest explanations I’d seen of the cost and *reasons* for the cost of training and using Generative AI. Explained: Generative AI’s environmental impact and The multifaceted challenge of powering AI I added those to my list of bookmarks on […]
A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States […]
In this interview, Natalie Burclaff describes the Industry Associations Web Archive and the variety of content it preserves. She also offers insights into the challenges of curating the collection and explains why it serves as a crucial resource for understanding how industry has evolved and responded to global events. This is part of a series […]
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk’s Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency’s sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one […]
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with […]
OK, that’s a clickbait title, but only a little. They’re actually amongst the heaviest users of Claude, according to Anthropic (PDF), via the 2025 AI Index Report from Stanford’s Institute for Human-Centered AI. The report itself is a 456-page PDF, so do start with the key takeaways, but then either search for specific words of […]
On March 20, 2025, the DC Chapter of AI4LAM held its first meeting at the Martin Luther King Jr. Memorial Library in downtown Washington, and Library of Congress staff were excited to take part in the event. AI4LAM is an international, collaborative community focused on advancing the use of artificial intelligence (AI) in, for, and […]
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each […]
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs’s employer SentinelOne, comes as […]
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime […]
Today’s blog post is an interview with Hanna Fogle, a 2024-25 Librarian-in-Residence here at the Library of Congress. Carlyn: Hi Hanna, could you tell us a bit about what you do as a Librarian-in-Residence (LIR)? How would you explain your job to someone outside the Library of Congress? What do you like most about your […]
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users. The zero-day […]
This is a very current report, with questions being collected between Feb 19-March 1, 2025. From the Social Media Lab at the Ted Rogers School of Management, Toronto Metropolitan University (TMU), The State of Generative AI Use in Canada 2025: Exploring Public Attitudes and Adoption Trends. 1,500 Canadians were asked questions about their use and knowledge of generative […]
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the […]
