One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft […]
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research. At issue is a mobile malware obfuscation method identified by […]
The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing […]
Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide […]
Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks. The next time you receive a breach notification letter […]
Simon & Schuster Senior Vice President and Publisher Justin Chanda (left) interviews author Judy Blume at the 2023 Annual Conference and Exhibition. Photo: EPNAC This summer marked a homecoming for the American Library Association (ALA), as thousands of library workers and advocates gathered in Chicago for the 2023 Annual Conference and Exhibition. The conference, which […]
The Library Marketplace at the American Library Association’s 2023 Annual Conference and Exhibition, held June 22–27 in Chicago. Photo: Rebecca Lomax/American Libraries With 15,851 total registrants and nearly 600 vendors represented, the American Library Association’s (ALA) 2023 Annual Conference and Exhibition (June 22–27) in Chicago continued to make progress toward prepandemic attendance numbers. The Library […]
National Central Library’s Open Lab Multimedia Center includes a DIY studio, for activities like sewing, and music rooms. Two libraries earned this year’s American Library Association (ALA) Presidential Citation for Innovative International Library Projects. The winning entries are the National Central Library (NCL) in Taipei City, Taiwan, and Seoul National University Library (SNUL) in South […]
Idina Menzel (left) and Cara Mentzel Photo: ENPAC When Idina Menzel was contemplating writing a children’s book, her first thought was to join forces with her younger sister. “I wouldn’t have done it any other way,” Menzel—a world-renowned singer and performer best known for her stage and screen roles in Frozen, Rent, and Wicked—said about […]
Snapshots from ALA’s 2023 Annual Conference and Exhibition in Chicago.Photos: Rebecca Lomax/American Libraries The atmosphere was charged at the American Library Association’s (ALA) 2023 Annual Conference and Exhibition in Chicago. At the center of it all, as usual, was its popular Library Marketplace. Thousands of attendees marveled at the rows of vendor booths that hosted […]
I recently attended an Institute of Museum and Library Services convening focused on the role of libraries in expanding information literacy. I was pleased to see that community engagement kept appearing as a vital component in combating the tide of misinformation (false information), disinformation (intentionally false information), and information withdrawal (censorship and book bans) that […]
Growing up in Boise, Idaho, my dream was always to be a writer in New York City. Instead, in 2000, I found myself fact-checking at Lucky, a magazine about shopping. I wasn’t penning trenchant essays on the state of the world for an audience of adoring readers. I was confirming the prices of handbags and […]
[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a service that sold access to billions of passwords and other data exposed in countless data breaches. […]
[This is Part II of a story published here last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack.] It was around 9 p.m. on Sunday, July 19, when I received a message through the contact form on KrebsOnSecurity.com that the marital infidelity website AshleyMadison.com had been […]
Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then quickly pulled) an emergency update to fix a […]
When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the company’s then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as a new documentary series on Hulu reveals [SPOILER ALERT!], there was just one problem with […]
If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will […]
Nikita Kislitsin, formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsin’s prosecution could soon put the Kazakhstan government in a sticky diplomatic position, as the Kremlin is already signaling that […]
Public libraries serve as vital community resources, offering a wide range of services, including printing facilities. However, as libraries continue to embrace technology, it becomes increasingly important to ensure the security and privacy of patrons’ and the libraries’ printing activities. A recent example that illustrates this topic was the critical vulnerability found in PaperCut products. […]
Joseph James “PlugwalkJoe” O’Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But O’Connor also pleaded […]
