http://www.nytimes.com/2014/08/06/t...billion-stolen-internet-credentials.html?_r=0 I am surprised no one posted this yet.
This is nothing more than a fluff piece to get their corp's name out there. Welcome to the new age of advertising. Why is it a fluff piece? Even in the article it states that nothing has been done with the information that was "hacked/stolen". If the article was about this is what happened and this is how it is prevented, then it would have had substance. The article also gives rise to a question of, if they are in contact with this group credited with the hack, are they funding them to drum up business. Adept use of fear is a very persuasive tool.
Krebs covered it: https://krebsonsecurity.com/2014/08/qa-on-the-reported-theft-of-1-2b-email-accounts/
"... I spent the last four years writing an entire book about it, describing how these networks are created, the crooks that run them, and the cybercrime kingpins who make it worth their while. More information about this book and ways to pre-order it before its release in November is available here..." It's all about lending credence to and advertise the book he spent the last four years on.
I usually take this with a grain of salt. Stuff like this is often true but also often blown way out of proportion for all sorts of reasons... such as promoting a book
Everything on the web is blown out proportion fact remains if someone got accessed to 400k+ websites and there user/pass people should be worried and change passes none the less.
https://www.schneier.com/blog/archives/2014/08/over_a_billion_.html edit Nah, I don't see Krebs engaging in fear mongering for book profit or whatnot- I think his readers really did pester his email asking him to cover to the topic and give his thoughts on it (it happens a lot). https://krebsonsecurity.com/2014/08/qa-on-the-reported-theft-of-1-2b-email-accounts/
Anyone who ran this story is running the fear campaign whether they thought they were dupped or not. This guy is trying to sell his book and promote his company. Krebs still ran the story regardless of what he says afterwards. Yes, he is profiting off this story. He is profiting from the web traffic to his site in the form of how much a company is willing to pay for advertising space on his site. So to say he is not getting compensated; he would need to qualify that statement by saying not directly. Krebs is trying to run damage control.
Right, Krebs doesn't run a site solely funded by donations. I don't think he and Alex Holden conspired together to run a story in hopes of making a killing in profit though. Holden screwed himself on his own.
bump Someone just posted this over at Wilders. Good run down. http://www.youarenotpayingattention.com/2014/08/08/the-lie-behind-1-2-billion-stolen-passwords/
Things like this get blown out of proportion because these so called "security experts" know that inciting fear is the easiest way to sell a product/service. Most of these "security experts" couldn't stop a "hacker" if their lives depended on it.