Krebs on Security

This blog will include articles centered around various ongoing topics.

National

English

Blog

Outlet metrics

Domain Authority

Ranking

Global

#118063

United States

#40643

Computers Electronics and Technology/Computer Security

#115

Traffic sources

Monthly visitors

Articles

DOGE Worker’s Code Supports NLRB Whistleblower

3 weeks ago | krebsonsecurity.com | Brian Krebs

A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk’s Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency’s sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub.
Whistleblower: DOGE Siphoned NLRB Case Data

3 weeks ago | krebsonsecurity.com | Brian Krebs

A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity.
Funding Expires for Key Cyber Vulnerability Database

4 weeks ago | krebsonsecurity.com | Brian Krebs

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each year by the Department of Homeland Security — expires on April 16.
Trump Revenge Tour Targets Cyber Leaders, Elections

1 month ago | krebsonsecurity.com | Brian Krebs

President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs’s employer SentinelOne, comes as CISA is facing huge funding and staffing cuts.
China-based SMS Phishing Triad Pivots to Banks

1 month ago | krebsonsecurity.com | Brian Krebs

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.
Patch Tuesday, April 2025 Edition

1 month ago | krebsonsecurity.com | Brian Krebs

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users.
Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe

1 month ago | krebsonsecurity.com | Brian Krebs

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert’s testimony may have been pivotal.
How Each Pillar of the 1st Amendment is Under Attack

1 month ago | krebsonsecurity.com | Brian Krebs

“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.” -U.S. Constitution, First Amendment.
When Getting Phished Puts You in Mortal Danger

1 month ago | krebsonsecurity.com | Brian Krebs

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. Researchers at the security firm Silent Push mapped a network of several dozen phishing domains that spoof the recruitment websites of Ukrainian paramilitary groups, as well as Ukrainian government intelligence sites.
Arrests in Tap-to-Pay Scheme Powered by Phishing

1 month ago | krebsonsecurity.com | Brian Krebs

Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay transactions from mobile devices located in China.