Category Archives: Security Blog

The IRS

Posted on May 26, 2015 by Carmelo

Multiple sources, such as Krebs and Ars Technica, report that a lot of fraudulent activity has focused around the Get Transcript app on the IRS website. To obtain a transcript online, all that was needed to start the process was … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on The IRS

Malachite

Posted on May 22, 2015 by Carmelo
Posted in Security Blog | Tagged , , | Comments Off on Malachite

Adult Friend Finder Data Breach: Sexploitation?

Posted on May 22, 2015 by Carmelo

The hook up site, Adult Friend Finder, suffered a data breach. Close to four million users had their data taken. Data included personal details, including email addresses, user-names, dates of birth, postal codes and IP addresses. Many members did not … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on Adult Friend Finder Data Breach: Sexploitation?

LogJam, FREAK’s Ugly Cousin

Posted on May 22, 2015 by Carmelo

A new encryption attack, called LogJam, has emerged that allows attackers to read and modify the sensitive data passing through encrypted connections, potentially affecting hundreds of thousands of HTTPS-protected sites, mail servers, and other widely used Internet services. A man-in-the-middle … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on LogJam, FREAK’s Ugly Cousin

Chris Roberts. Plane Hacker

Posted on May 18, 2015 by Carmelo

Chris Roberts tweeted what appeared to be a joke about “playing” with a United Airlines plane’s in-flight entertainment and crew-alerting system on April 15. Once he landed, he was questioned by the FBI for several hours. Some of his computer … Continue reading

Posted in Security Blog | Tagged , , , , , , , | Comments Off on Chris Roberts. Plane Hacker

18,000 Passwords from Pennsylvania State University’s College of Engineering

Posted on May 18, 2015 by Carmelo

A breach at Penn State launched an investigation that usernames and passwords from more than 18,000 people may have been accessed. The FBI first alerted the university of the cyberattack in November 2014. The school then hired security firm FireEye … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on 18,000 Passwords from Pennsylvania State University’s College of Engineering

Starbucks Customers Targeted

Posted on May 13, 2015 by Carmelo

Starbucks customers have been targeted and money is being syphoned from the credit or debit card they have tied to their Starbucks accounts… Why would you even do this? No idea. But when you go for convenience, you usually sacrifice … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on Starbucks Customers Targeted

Virtual Environment Neglected Operations Manipulation: VENOM

Posted on May 13, 2015 by Carmelo

“Virtual Environment Neglected Operations Manipulation” or Venom, is a new vulnerability that could allow a hacker to infiltrate potentially every machine on a data center’s network, leaving millions of virtual machines vulnerable to attack, if they run QEMU… Venom can … Continue reading

Posted in Security Blog | Tagged , , , | Comments Off on Virtual Environment Neglected Operations Manipulation: VENOM

Microsoft Patching

Posted on May 7, 2015 by Carmelo

Historically, updates to fix security are called patches because back in the day when we used punch cards to program stuff, if we did something wrong, we would affix paper patches over the holes in the punch cards. True story! … Continue reading

Posted in Security Blog | Tagged , , | Comments Off on Microsoft Patching

Wells Fargo Credit Cards

Posted on May 7, 2015 by Carmelo

In order to meet tough sales quotas and unrealistic goals, credit accounts are (allegedly) being opened by Wells Fargo employees, according to the civil complaint filed by the Los Angeles City Attorney. The fraud complaint charges state that in order … Continue reading

Posted in Security Blog | Tagged , , , , | Comments Off on Wells Fargo Credit Cards