A KrebsOnSecurity series on how easy big-three credit bureau Equifax makes it to get detailed salary history data on tens of millions of Americans apparently inspired a deeper dive on the subject by Fast Company, which examined how this Equifax division has been one of the company's best investments. In this post, I'll show you how to opt out of yet another Equifax service that makes money at the expense of your privacy.
A New Mexico man is facing federal hacking charges for allegedly using the now defunct attack-for-hire service vDOS to launch damaging digital assaults aimed at knocking his former employer's Web site offline. Prosecutors were able to bring the case in part because vDOS got massively hacked last year, and its customer database of payments and targets leaked to this author and to the FBI.
Prosecutors in Minnesota have charged John Kelsey Gammell, 46, with using vDOS and other online attack services to hurl a year's worth of attack traffic at the Web sites associated with Washburn Computer Group, [...]
In May 2013 KrebsOnSecurity wrote about Ragebooter, a service that paying customers can use to launch powerful distributed denial-of-service (DDoS) attacks capable of knocking individuals and Web sites offline. The owner of Ragebooter subsequently was convicted in 2016 of possessing child pornography, but his business somehow lived on while he was in prison. Now just weeks after Poland made probation, a mobile version of the attack-for-hire service has gone up for sale on the Google Play store.
There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers (SSN/DOB) that are broadly for sale in the cybercrime underground. At some point, however, I decided this wasn't acceptable for institutions that held significant chunks of our money, and I began taking our business away from those that wouldn't let me add a simple verbal passphrase that needed to be uttered before any account details could be discussed over the phone.
Most financial institutions will let customers add verbal passwords or personal identification numbers (PINs) that are separate [...]
These won't last long.[...]
from Michelle Starr
They'd better hurry![...]
from Rob Price, Business Insider
What year is this again?[...]
It's still out there.[...]
It's the first time humans have seen this in the wild.[...]