CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency CISA maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive...

CVE-2025-60274

creationtimestamp| type| source ---|---|--- 2025-11-16 20:47:14+00:00| seen| https://krebsonsecurity.com/2025/11/microsoft-patch-tuesday-november-2025-edition/...

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

KrebsOnSecurity last week was hit by a near record distributed denial-of-service DDoS attack that clocked in at more than 6.3 terabits of data per second a terabit is one trillion bits of data. The brief attack appears to have been a test run for a massive new Internet of Things IoT botnet capabl...

Happy 15th Anniversary, KrebsOnSecurity!

Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing security stories were about bad things happening to bad guys. It's also ...

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...

Treasury Sanctions Creators of 911 S5 Proxy Botnet

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route ones Web traffic through malware-infected computers around the globe...

Happy 14th Birthday, KrebsOnSecurity!

KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldnt devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership,...

Ten Years Later, New Clues in the Target Breach

On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included the text string "Rescator," which also...

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the companys then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as a new documentary series on Hulu reveals...

Meet the Administrators of the RSOCKS Proxy Botnet

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the "RSOCKS" botnet, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone elses computer...

KrebsOnSecurity in New Netflix Series on Cybercrime

Netflix has a new documentary series airing next week -- "Web of Make Believe: Death, Lies & the Internet" -- in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of "swatting" -- wherein fake bomb threats or hostage...

Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2022 and new improvements in my Vulristics project. I decided to add more comment sources. Because its not just Tenable, Qualys, Rapid7 and ZDI make Microsoft Patch Tuesday reviews, but also other security companies and...

Happy 12th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe "celebrate" is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this sites birthday also...

DDoS Chart Toppers—BPS, PPS and RPS Greatest Hits

New to the scene, monster-sized botnet Mēris is raising some eyebrows with giant requests per second rps attacks as shared by Cloudflare 17.2M rps, reported August 19, Yandex peaking at 21.8M rps on September 5, and KrebsOnSecurity 2M rps on September 9. Some commentary came in on Slashdot, The...

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive and mercifully brief distributed denial-of-service DDoS attack. The assault came from "Meris," the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure fi...

Adventures in Contacting the Russian FSB

KrebsOnSecurity recently had occasion to contact the Russian Federal Security Service FSB, the Russian equivalent of the U.S. Federal Bureau of Investigation FBI. In the process of doing so, I encountered a small snag: The FSBs website said in order to communicate with them securely, I needed to...

Note to Self: Create Non-Exhaustive List of Competitors

What was the best news you heard so far this month? Mine was learning that KrebsOnSecurity is listed as a restricted competitor by Gartner Inc. NYSE:IT -- a $4 billion technology goliath whose analyst reports can move markets and shape the IT industry. Earlier this month, a reader pointed my...

New KrebsOnSecurity Mobile-Friendly Site

Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us ove...

No, I Did Not Hack Your MS Exchange Server

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Lets just get this out of the way right now: It wasnt me. The Shadowserver Foundation, a nonprofit...

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexicos Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexicos top tourist destinations over the past five years. The scandal is the latest fallo...