Today marks the 14th anniversary of KrebsOnSecurity, a cybersecurity blog founded by investigative journalist Brian Krebs. In a blog post, Krebs expressed his gratitude to readers for their continued support and readership over the years. He also shared his career journey, from working as a paperboy for The Washington Post to becoming an independent investigative journalist. Krebs highlighted the importance of making technical stories relatable to a general audience and thanked The Washington Post for instilling these skills in him. He also mentioned that KrebsOnSecurity now has over 52,000 email subscribers and emphasized the importance of advertising partners in keeping the blog financially viable. The post concludes with a list of some of the most-read stories published on KrebsOnSecurity in 2023.
KrebsOnSecurity, celebrating 14 awesome years of cyber awareness!