News Feed Item

Investigative Journalist Brian Krebs Receives M3AAWG Mary Litynski Award for Protecting Online Community; Krebs Urges More Industry Cooperation Against Abuse

SAN FRANCISCO, CA -- (Marketwired) -- 02/18/14 -- With an intense passion and impressive self-taught technical skill, investigative journalist Brian Krebs has persistently and courageously shed a rare light on the dark underbelly of the Internet that has resulted in the disruption or shutdown of innumerable cybercrime operations. Recognizing the importance of this new breed of journalism and its role in protecting the online community, Krebs was honored by the Messaging, Malware and Mobile Anti-Abuse Working Group as the recipient of its M3AAWG Mary Litynski Award at the organization's meeting Tuesday in San Francisco.

Writing on his KrebsOnSecurity.com blog, Krebs has extensively tracked and been the first to report on major exploits and security threats affecting the industry. He is credited with uncovering major retail and credit bureau cyber break-ins including the 2013 Target holiday shopping intrusion, exposing hidden malware threats and identifying clandestine activities of online criminals.

Responding to the award, Krebs noted that he often works on stories with security professionals who are also passionate about protecting their end-users. However, from his journalistic vantage point, he pointed out that the industry as a whole needs to be more willing to share vital abuse information within the vetted community to help identify and block cybercrime as it develops.

"Unfortunately, the crooks are doing a better job than the security industry of sharing information right now. They also have gotten better at not putting all their eggs in one basket and spreading around their parasitical behavior, making it harder to detect.

"We need a better way to gauge the reputation of various online enterprises in the ecosystem. We need to develop a self-defense immune system that can provide feedback when a hosting provider or network operator starts showing it is inflected with a high concentration of parasites," Krebs said.

Among the breaking stories Krebs has researched and reported over the years:

  • He discovered and alerted retailers of recent financial data theft at Neiman Marcus, arts and crafts store Michaels and Target.
  • He identified recent data theft at Marriot, Hilton, Sheraton and Westin hotels.
  • He exposed the sale of personal data from a major credit reporting service to an underground identity theft service.
  • He exposed the availability of personal identity information taken from the three major credit reporting services, including social security numbers and birth dates, on a site that sold inexpensive credit reports directly to the public.
  • Through elaborate research and detailed tracking, Krebs identified the McColo hosting provider as one of the largest sources of spam at the time, leading to the shutdown of the service.

"Brian Krebs has created a whole new world of journalism, proving it is possible for a dedicated reporter to make a good living by pursuing in depth investigative reporting that has a noteworthy impact on society. He quite often focuses on the narratives no one else wants to cover, yet these turn out to be the stories that no one can stop talking about once they hit the street," said M3AAWG Co-Chairman Chris Roosenraad.

The 2014 award was announced at the M3AAWG 30th General Meeting, February 17-21, in San Francisco with 40 sessions covering mobile security, malware identification and mitigation, Web security, public policy and other issues. The Voice and Telephony Anti-Abuse Workshop held during the meeting with industry, government and academia professionals identified key threats and actions to help reduce telephone services exploitation. The M3AAWG 31st General Meeting will be in Brussels, June 9-12, 2014.

The annual M3AAWG Mary Litynski Award recognizes the lifetime achievements of a person who has significantly contributed to making the Internet safer for all. It seeks to acknowledge individuals driven for the greater good. As with the 2014 award, submissions for the 2015 award are open to the public at http://www.maawg.org/events/maawg-mary-litynski-award.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.

M3AAWG Board of Directors: AT&T (NYSE: T); CenturyLink (NYSE: CTL); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Facebook; Google; Mailchimp; Oracle/Eloqua; Orange (NYSE and Euronext: ORA); PayPal; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.

M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; CloudFlare; Dynamic Network Services Inc.; Experian Marketing Services; iContact; Internet Initiative Japan (IIJ, NASDAQ: IIJI); LinkedIn; McAfee Inc.; Message Bus; Mimecast; Nominum, Inc.; Proofpoint; Scality; Spamhaus; Sprint; and Twitter.

A complete member list is available at http://www.m3aawg.org/about/roster.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contact:
Linda Marcus, APR
1+714-974-6356 (U.S. Pacific)
Email Contact
Astra Communications

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that Enzu will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their online busine...
In his session at 19th Cloud Expo, Nick Son, Vice President of Cyber Risk & Public Sector at Coalfire, will discuss the latest information on the FedRAMP Program. Topics will cover: FedRAMP Readiness Assessment Report (RAR). This new process is designed to streamline and accelerate the FedRAMP process from the traditional timeline by initially focusing on technical capability instead of documentation preparedness. FedRAMP for High-impact level systems. Early in 2016 FedRAMP officially publishe...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
Join IBM November 2 at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how to go beyond multi-speed it to bring agility to traditional enterprise applications. Technology innovation is the driving force behind modern business and enterprises must respond by increasing the speed and efficiency of software delivery. The challenge is that existing enterprise applications are expensive to develop and difficult to modernize. This often results in what Gartner calls...
WebRTC sits at the intersection between VoIP and the Web. As such, it poses some interesting challenges for those developing services on top of it, but also for those who need to test and monitor these services. In his session at WebRTC Summit, Tsahi Levent-Levi, co-founder of testRTC, reviewed the various challenges posed by WebRTC when it comes to testing and monitoring and on ways to overcome them.
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, will discuss the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They will also review two "free infrastruct...
Qosmos, the market leader for IP traffic classification and network intelligence technology, has announced that it will launch the Launch L7 Viewer at CloudExpo | @ThingsExpo Silicon Valley, being held November 1 – 3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The L7 Viewer is a traffic analysis tool that provides complete visibility of all network traffic that crosses a virtualized infrastructure, up to Layer 7. It facilitates and accelerates common IT tasks such as VM migra...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly. In the eyes of many, containers are at the brink of becoming a pervasive technology in enterprise IT to accelerate application delivery. In this presentation, you'll learn about the: The transformation of IT to a DevOps, microservices, and container-based architecture What are containers and how DevOps practices can operate in a container-based environment A demonstration of how Docke...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
President Obama recently announced the launch of a new national awareness campaign to "encourage more Americans to move beyond passwords – adding an extra layer of security like a fingerprint or codes sent to your cellphone." The shift from single passwords to multi-factor authentication couldn’t be timelier or more strategic. This session will focus on why passwords alone are no longer effective, and why the time to act is now. In his session at 19th Cloud Expo, Chris Webber, security strateg...
November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Penta Security is a leading vendor for data security solutions, including its encryption solution, D’Amo. By using FPE technology, D’Amo allows for the implementation of encryption technology to sensitive data fields without modification to schema in the database environment. With businesses having their data become increasingly more complicated in their mission-critical applications (such as ERP, CRM, HRM), continued ...
In the 21st century, security on the Internet has become one of the most important issues. We hear more and more about cyber-attacks on the websites of large corporations, banks and even small businesses. When online we’re concerned not only for our own safety but also our privacy. We have to know that hackers usually start their preparation by investigating the private information of admins – the habits, interests, visited websites and so on. On the other hand, our own security is in danger bec...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessi...