Independent investigative journalist. Writes about cybercrime. Author of 'Spam Nation', a NYT bestseller. Wrote for The Washington Post '95-'09
One caveat: Better make sure your Google account is ALSO protected by either app-based or security key 2-factor, and that SMS is NOT set as a recovery option. Because if you lose that, you're screwed.
@ckindel None of that can contend with a $12-an-hour mobile store employee who wants to make a quick $500. The lesson here is you can't trust the mobile companies, because they're not set up to combat this problem, and probably never will be.
Exclusive: Feds allege 4 employees of email marketing firm Adconion (now Amobee) hijacked IP addresses for spamming. This 10-count criminal indictment is apparently the Part 1 of a larger investigation into the company's email marketing practices
"Satori" IoT botnet operator Kenneth Schuchman pleads guilty. Satori grew to 100,000 infected systems, with improved versions of the botnet compromising as many as 700,000 IoT devices over 15 months. Admitted "swatting" one of his alleged co-conspirators
@startswithv Seems like a pretty typical money mule recruitment operation. Hope he didn't buy any of the stuff they told him to. I've written countless stories about these scams. Perhaps it's time to revisit them.
@startswithv These people prey on individuals who are looking for work-at-home jobs or part time work. They string you along for weeks doing menial stuff, and then eventually will tell you it's time to process some payments, or send them some money, etc.
NY cloud payroll provider MyPayrollHR abruptly closes up shop, diverts $35 million in payroll, tax payments to its own account. Employees at thousands of companies that used the service dinged for 1-2 payroll payments. Meanwhile, the CEO has vanished
ICYMI, Equifax forced to pull offline a huge database of consumer data guarded only by credentials "admin/admin"
Fun fact: CIA unit exposed by Wikileaks was tasked w/ crafting cyber response to Russia's alleged election meddling
The CEO of twitter just got his account hijacked, apparently by a bunch of SIM swappers who've been targeting high profile people and celebrities of late. Maybe this will finally get some real attention to the epidemic of SIM swapping happening right now? Not holding my breath.
I never do this, but this is important so please RT if you agree: It's not okay for my mobile provider to sell or give my mobile device location info to a 3rd party without at least a court order/subpoena. Background: and
Exclusive: Facebook stored hundreds of millions of user passwords in plain text for years
Bring on the bots and sock puppet accounts. Amazing how a tweet about Putin always engenders defensive responses about Trump.