FCC Proposal Targets SIM Swapping, Port-Out Fraud

FCC Proposal Targets SIM Swapping, Port-Out Fraud

The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack ...
The Life Cycle of a Breached Database

The Life Cycle of a Breached Database

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization ...
Adventures in Contacting the Russian FSB

Adventures in Contacting the Russian FSB

KrebsOnSecurity recently had occasion to contact the Russian Federal Security Service (FSB), the Russian equivalent of the U.S. Federal Bureau of Investigation (FBI). In the process of doing so, I encountered a ...
Try This One Weird Trick Russian Hackers Hate

Try This One Weird Trick Russian Hackers Hate

In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will ...
Can We Stop Pretending SMS Is Secure Now?

Can We Stop Pretending SMS Is Secure Now?

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be ...
Warning the World of a Ticking Time Bomb

Warning the World of a Ticking Time Bomb

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a ...