No, I Did Not Hack Your MS Exchange Server

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t...

RedTorch Formed from Ashes of Norse Corp.

Remember Norse Corp., the company behind the interactive “pew-pew” cyber attack map shown in the image blow? Norse imploded rather suddenly in 2016 following a series of managerial missteps and funding debacles. Now, the founders of Norse have launched a...

Fintech Giant Fiserv Used Unclaimed Domain

If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here’s the story of...

Can We Stop Pretending SMS Is Secure Now?

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to...