Blog Archives

Update: PF Changs in Chattanooga affected by security breach

“On Tuesday, June 10, the United States Secret Service alerted P.F. Chang’s to a possible security compromise involving credit and debit card data reportedly stolen from certain P.F. Chang’s China Bistro branded restaurants located in the continental United States. An investigation into this incident was immediately initiated. Our team, including third-party forensics experts, has been working continuously to understand the nature and scope of the incident. This investigation is

Mozilla leaks addresses and passwords of developers

Another company suffers data loss, this time from a failed “data santization script.”

Microsoft EMET 5.0

If you want to improve Windows security, and you are a power user, you should be using EMET.  Now allows blocking of plugins per application, aka no calls to java via Word.

Jimmy John’s Sandwich may have suffered data breach

A breach may have occurred.  If you used your credit card at JJ’s recently, you might want to call your card company to make sure all is well.

BadUSB’s debut at Blackhat

A new vulnerability will allow USB devices to impersonate other USB devices such as keyboards or networking cards, allowing covert/malicious attacks.

CIA did monitor the Senate

“The head of the Central Intelligence Agency has apologized to leaders of the Senate Intelligence Committee after determining that his officers improperly accessed computers that were supposed to be available only to committee investigators”

Android Fake ID Vulnerability

“Researchers named the flaw “Fake ID” because it allows malicious applications to pass fake credentials to Android OS, which fails to properly verify the application’s cryptographic signature.”

New “Mayhem” *nix malware attacks Linux and FreeBSD

Sophisticated new malware turns servers into bots.  Make sure you patch your unix-like boxes.

Apple responds to “Back Doors” in IOS

They says it’s for diagnostic purposes.  Original forensic expert responds to their claims.

MailPoet vulnerability endangers WordPress, Joomla

the vulnerability in MailPoet, a WordPress plugin with more than 1.7 million downloads, allows attackers to upload any file of their choice to vulnerable servers