The Federal Bureau of Investigation (FBI) is warning that individuals sympathetic to the Islamic State of Iraq and al-Shams (ISIS) are mass-defacing Websites using known vulnerabilities in WordPress .
Sign Up at irs.gov Before Crooks Do It For You
If you’re an American and haven’t yet created an account at irs.gov , you may want to take care of that before tax fraudsters create an account in your name and steal your personal and tax data in the process. Recently, KrebsOnSecurity heard from Michael Kasper , a 35-year-old reader who tried to obtain a copy of his most recent tax transcript with the Internal Revenue Service (IRS).
MS Update 3033929 Causing Reboot Loop
One of the operating system updates Microsoft released on Tuesday of this week — KB3033929 — is causing a reboot loop for a fair number of Windows 7 users, according to postings on multiple help forums. The update in question does not appear to address a pressing security vulnerability, so users who have not yet installed it should probably delay doing so until Microsoft straightens things out. Various tech help forums ares starting to fill up with requests from Windows 7 users who are experiencing a reboot loop after applying the glitchy patch , which is a “code signing” update that improves the ability of Windows 7 and Windows Server 2008 R2 systems to validate the integrity and authenticity of programs running on top of the operating system.
Apple Pay: Bridging Online and Big Box Fraud
Lost amid the media firestorm these past few weeks about fraudsters turning to Apple Pay is this stark and rather unsettling reality: Apple Pay makes it possible for cyber thieves to buy high-priced merchandise from brick-and-mortar stores using stolen credit and debit card numbers that were heretofore only useful for online fraud.
Data Breach at Health Insurer Anthem Could Impact Millions
Anthem Inc. , the nation’s second largest health insurer, disclosed Wednesday that hackers had broken into its servers and stolen Social Security numbers and other personal data from all of its business lines. Given the company’s size, this breach could end up impacting tens of millions of Americans.
Lizard Kids: A Long Trail of Fail
The Lizard Squad , a band of young hooligans that recently became Internet famous for launching crippling distributed denial-of-service (DDoS) attacks against the largest online gaming networks, is now advertising own Lizard-branded DDoS-for-hire service.
Banks: Card Breach at Some Chick-fil-A’s
Sources at several U.S.
FBI: North Korea to Blame for Sony Hack
The FBI today said it has determined that the North Korean government is responsible for the devastating recent hack attack against Sony Pictures Entertainment . Here’s a brief look the FBI’s statement, what experts are learning about North Korea’s cyberattack capabilities, and what this incident means for other corporations going forward
‘Poodle’ Bug Returns, Bites Big Bank Sites
Many of the nation’s top banks, investment firms and credit providers are vulnerable to a newly-discovered twist on a known security flaw that exposes Web site traffic to eavesdropping. The discovery has prompted renewed warnings from the U.S. Department of Homeland Security advising vulnerable Web site owners to address the flaw as quickly as possible.
Be Wary of ‘Order Confirmation’ Emails
If you receive an email this holiday season asking you to “confirm” an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.