On the Wire Podcast: Jessy Irwin on Password Security
In this episode, Dennis Fisher talks with Jessy Irwin about the recent rash of data breaches and credential dumps and why humans are still so terrible at password security. The conversation touches on alternatives to traditional passwords, the limits of two-factor authentication, and he or if thing might actually improve. Music by Chris Gonsalves and […]
Google, Facebook Fight Expansion of FBI Surveillance Powers
Several powerful technology vendors and civil liberties organizations are fighting legislation that would give the FBI the ability to issue National Security Letters–which don’t require a warrant–to get citizens’ browsing history, email metadata, location data, and other highly sensitive information. The new powers would be granted by an amendment to the intelligence appropriations bill, which […]
Angler Exploit Kit EMET Bypass Leads to TeslaCrypt Ransomware
Microsoft has built a number of technical defenses against browser-based exploits in the last decade or so, including a specialized toolkit called EMET that’s designed to defeat advanced exploits. Attackers have now created a version of the notorious Angler exploit kit that can bypass EMET entirely and then install the nasty TeslaCrypt ransomware. This advance […]
Ransomware is Dope
Credit where credit is due: Ransomware is kind of brilliant. From a defender’s perspective, it is perhaps the most difficult threat to deal with in the last five or 10 years. It locks up your data, makes it inaccessible and unrecoverable (without backups), and presents you with, at most, two options: Don’t pay the ransom and […]
Bulgarian Sentenced in $6 Million Tax Refund Scheme
The IRS and taxpayers themselves have been the targets of a wide range of attacks and scams for many years, most of which involve some variety of identity theft. The fraudsters behind these operations often go unpunished, but in a rare victory, the U.S. government has convicted and sentenced to nearly four years in prison a Bulgarian […]
FTC Warns of Security and Privacy Risks in IoT Devices
The Federal Trade Commission has sent comments to the Department of Commerce, outlining a list of concerns about the security and privacy of connected and embedded devices, saying that while many IoT devices have tangible benefits for consumers, “these devices also create new opportunities for unauthorized persons to exploit vulnerabilities”. In a long response to a […]
Life in the Ransomware Underweb
The business of ransomware is booming, and some of the criminals running these operations have so much work and money on their hands that they’re building out affiliate networks to help them handle it all. In their efforts to extort as many victims as possible with their malware, ransomware authors have been spreading their creations in […]
On the Wire Podcast: Ransomware
Ransomware is one of the nastier and more insidious threats to emerge in the last decade, and the attackers using it have targeted consumers and businesses alike. Threats such as CryptoLocker, Locky, Cryptowall, and many others have been locking up users’ files and demanding hundreds or thousands of dollars in order to decrypt them. Security […]
How Call Center Fraud Compares Across the Pond
The UK sees more than 2x the amount of call center fraud than the US The UK is no stranger to phone fraud in financial institutions. The recent data compiled in Pindrop’s 2016 Call Center Fraud Report shows that 1 in every 700 calls made to enterprise call centers in the UK is fraudulent. This is […]