Krebs on Security In-depth security news and investigation
- Funding Expires for Key Cyber Vulnerability Databaseby BrianKrebs on 16 April 2025 at 3:59 am
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program -- which is traditionally funded each year by the Department of Homeland Security -- expires on April 16.
- Trump Revenge Tour Targets Cyber Leaders, Electionsby BrianKrebs on 15 April 2025 at 3:27 am
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs's employer SentinelOne, comes as CISA is facing huge funding and staffing cuts.
- China-based SMS Phishing Triad Pivots to Banksby BrianKrebs on 10 April 2025 at 3:31 pm
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.
- Patch Tuesday, April 2025 Editionby BrianKrebs on 9 April 2025 at 3:09 am
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users.
- Cyber Forensic Expert in 2,000+ Cases Faces FBI Probeby BrianKrebs on 4 April 2025 at 4:37 pm
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert's testimony may have been pivotal.