Tag Archive for: author

About the Author – Krebs on Security


Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. In 2014, he was profiled in The New York Times, Business Week, NPR’s Terry Gross, and by Poynter.org. More recently, he was invited to an “Ask Me Anything” discussion on Reddit about investigative reporting.

But you didn’t really want to read my résumé, did you? What most people want to know is how I got into computer security, and whether I have a technical background in the field.

The short answer is “by accident,” and “no,” respectively. I earned a Bachelor of Arts in International Studies from George Mason University in 1994, and at the time I wasn’t much interested in computers, although I had programmed a bit on an Apple II and spent quite a bit of time visiting online bulletin boards as a kid.

It wasn’t until 2001 — when my entire home network was overrun by a Chinese hacking group — that I became intensely interested in computer security. I had been monkeying with a default installation of Red Hat Linux (6.2) on an old Hewlett-Packard system, because for some reason I had it in my head that it would be fun to teach myself how to turn the spare computer into an oversized firewall [ah, the irony]. That is, until the Lion Worm came around and locked me out of my system. Twice.

After that incident, I decided to learn as much as I could about computer and Internet security, and read most everything on the subject that I could get my hands on at the time. It’s an obsession that hasn’t let up.

Much of my knowledge about computers and Internet security comes from having cultivated regular and direct access to some of the smartest and most clueful geeks on the planet. The rest I think probably comes from a willingness to take risks, make mistakes, and learn from them.

I am 50 years old, and live with my wife Jennifer in Northern Virginia. When I’m not at the computer, I most often spend my free time reading,…


Security Aegis, Author at Security Boulevard – Security Boulevard




Zack Kaplan, Author at Security Boulevard – Security Boulevard




Kaspersky tracks Windows zero days to ‘Moses’ exploit author


New research by Kaspersky Lab shows a rise in APT groups leveraging exploits to gain initial foothold in a target network, including recent, high-profile zero-day vulnerabilities in Microsoft Exchange Server as well as Windows.

The security vendor released its APT Trends Report Q2 Thursday, which documented an uptick in certain activity over the last few months. Researchers found that advanced persistent threat (APT) groups committed several supply chain attacks in recent months. For example, Kaspersky found the Chinese-speaking APT group it tracks as “BountyGlad” compromised a digital certificate authority in February. According to the report, the group demonstrated an increase in “strategic sophistication with this supply-chain attack.”

However, one of the most significant trends was a shift in tactics. Kaspersky researchers found that while APT groups mainly use social engineering to gain an initial foothold, Q2 saw an increase in using zero days and exploits. Several of the zero-days, including two Windows vulnerabilities that were patched earlier this year, were traced to an exploit developer Kaspersky has dubbed “Moses.”

“Various marks and artifacts left in the exploit mean that we are also highly confident that CVE-2021-1732 and CVE-2021-28310 were created by the same exploit developer that we track as ‘Moses’,” the report said.

Both are Microsoft Windows zero days that received a CVSS score of 7.8 and were designated as elevation of privilege vulnerabilities.

Kaspersky had previously identified Moses in its APT Trends Report for Q1. According to the Q2 report, “Moses” appears to make exploits available to several APTs, but so far researchers have only confirmed two groups that have utilized exploits developed by Moses: Bitter APT and Dark Hotel.

Kaspersky researchers David Emm and Ariel Jungheit told SearchSecurity that they are two distinct groups, and it is unclear why Moses presumably worked with them. However, one of the groups’ targets appears to be known.

“In the case of Bitter APT, our telemetry indicates that the exploits have been used against targets inside Pakistan, though they could have been used against targets inside China also,” Emm and Jungheit…
