CarmeloWalsh[.]com

Oracle Systems Breached… MICROS Point of Sale Systems’ Customer Portal Breached

Posted on August 8, 2016 by Carmelo

Oracle had their computer systems breached and that lead to the compromise of the MICROS customer service portal.

The MICROS customer service portal system had traffic going to a server owned/operated by Carbanak. MICROS is owned by Oracle’s retail division. According to Brian Krebs’ website, there was 700 systems at Oracle that were infected. The malware planted on Oracle’s systems enabled Carbanak to steal customers’ login credentials.

Over 330,000 MICROS point of sales systems are employed in many retail businesses… to name a few are Starbucks, Sonic, Burger King, IKEA, Helzberg diamonds, MGM resorts, Wyndham, Hilton, Marriott. Here is a graphic on Brian’s site.

More details are still coming as the coverage and capability of the attack are still being investigated.

Read about it on KrebsOnSecurity or on Fortune

Posted in Security Blog | Tagged 2016, breach, Brian Krebs, Carbanak, data breach, hacked, malware, Oracle | Comments Off

DEFCON 2016

Posted on August 6, 2016 by Carmelo

Posted in Security Blog | Tagged 2016, defcon, defcon2016, defcon24, lol | Comments Off

Happy 25th Birthday to the World Wide Web

Posted on August 6, 2016 by Carmelo

The very first webpage was put online 25 years ago today and it’s still available here! The creator is Tim Berners-Lee and his wiki page is impressive :)

The Internet (which is the infrastructure on which the web and other services run on) is 45 years old.

Posted in Security Blog | Tagged 1991, 2016 | Comments Off

CEO Fired After Fake Email Loses Firm $47 Million

Posted on July 20, 2016 by Carmelo

FACC, in May has let their CEO, Walter Stephan, go after a fake email made it’s way to the financial controllers office and €52.8 million ($58 million USD) was wired out of the company. It caused their stock to drop by 38%. The company supplies Boeing and Airbus.

A month prior, FACC sacked its CFO, because fraudsters had targeted the financial accounting department. The company had not identified malware related to the fraud and said it was pursuing damages and insurance claims.

The company was able to halt $10.9 million.

Fraudsters may establish a bogus email address to pose as the CEO and then convince a subordinate in the finance department to wire funds to an overseas account under the pretense it is due to a known supplier. The FBI has warned that fraudsters target firms with international suppliers.

Confessions of a Cyber Spy Hunter

Posted on July 20, 2016 by Carmelo

With over 20 years of experience leading high technology companies out of Silicon Valley, Eric has played a part in shaping the industry as an executive at heavyweights like McAfee, Symantec, and Cisco. Today, he is the CEO of ZanttZ, a company that is developing stealth cyber security technology solutions. Eric and his company are at the forefront of the latest developments in the world of global espionage, and the merging of man and machine. He attests that the Hollywood-created image of the daring secret agent sneaking into a foreign government’s laser protected server room to steal top secret information couldn’t be further from modern reality. In fact, the “James Bond” of the 21st century doesn’t just use a computer, he is the computer.

Sure, this video is 3 years old, but it’s really interesting.

Posted in Security Blog | Tagged 2013, advanced persistent threat, APT, breach, computer security, cyber risk, cyber warfare, cybercrime, cyberwarfare, hacking, malware, Security Awareness, spy, ted, video tutorial, virus, warfare | Comments Off

The Neus

Posted on July 17, 2016 by Carmelo

Justin Neu came to town with his family, another Marine I haven’t seen in 20 years! We had to make a recreation of one of our pictures from when we were young and dumb.

in 1994 in Japan

22 Years later

Carmelo, Justin, Emily, TJ, Kenny, Ana, Mena, Damien, Jaime

Posted in life | Comments Off

National Crime Agency in the UK

Posted on July 16, 2016 by Carmelo

The National Crime Agency in the UK has published the National Crime Assessment, it is a fantastic read and can be found here.

An interesting fact is that plain crime is at 47% total crimes committed, while computer misuse and computer enabled fraud total up to 53% of total crime. Thusly, cyber crime has tipped the scales and has overtaken other crimes.

Some thoughts, is it because not everybody has the right amount of security awareness? Is it because there is inconsistencies in tracking down the bad guys? The office of national statistics in the UK states that there were 2.46 million incidents with 2.11 million victims in the UK in 2015.

I feel that the reason why this is so is because not enough people are doing the right things… the basic things, to protect themselves and to protect what they are custodians and guardians of. Individually, government and businesses are not doing the very basic things to safeguard data.

Read the report here!

Posted in Security Blog | Tagged 2016, breach report, breaches, risk analysis, Security Awareness, UK | Comments Off

1/3 of Wendy’s Locations Compromised

Posted on July 12, 2016 by Carmelo

1,025 out of the 3,000 Wendy’s locations had malware on their Point-Of-Sale systems. Investigation has uncovered that infection and exfiltration of credit card information (names, numbers, expiration dates) going back to January of 2015.

We believe this series of cybersecurity attacks resulted from certain service providers’ remote access credentials being compromised, allowing access to the POS system.

Want to check if you were affected? https://payment.wendys.com/paymentcardcheck.html

More information here and here

Posted in Security Blog | Tagged 2015, 2016, advanced persistent threat, APT, breach, credit card, cybercrime, hacked, malware, PCI Compliance, Security Awareness | Comments Off

Share

Share

Share

Share

Share

Share

Share

Share

Share

Share

Blog Stats