Security News

Really interesting article: A trained eye (or even a not-so-trained one) can discern when something phishy is going on with a domain or subdomain name. There are search tools, such as Censys.io,...

Cybercrime Gang Phoned Victims to Increase Phishing Attack Success RatesThe FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and...

Phishing emails purported to be commercial offers - but were really installing remote administration software on victims’ systems.

A new wave of spear-phishing emails masquerading as legitimate procurement and accounting letters have hit over 400 industrial organizations, according to Kaspersky Lab. read more

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site...

If you trust Google, this is the second-factor security key for you.

At Node Summit, coders served some humble pie Software developers have been lionized in recent years for their influence over the information economy. At the Node Summit in San Francisco,...

Phishing attackers have failed to compromise a single employee account at Google since the company mandated authentication using U2F hardware tokens in early 2017. That’s the remarkable claim made...

Russians Tied to Hack Attacks, But 'Two-Factor' No Silver Bullet, Google WarnsSpear phishing attacks are in the news again following the Justice Department's indictment of Russian military...

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place...