  1. #81
    BG Content
    Join Date
    Oct 2005
    Posts
    62,818
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

    DQ hit with the same hack that hit Target/Jimmy John's/SuperValu, It's unsure which locations are affected
    After breaching the cyber security systems of companies like Target, Jimmy John's and, most recently, SuperValu, the auspicious-sounding "Backoff" malware virus has hit Minnesota-based Dairy Queen. It's an unsettling development. It's another cyber break-in, another chance at stolen credit or debit card numbers. As of now, the damage is still unknown.

    According to cybersecurity journalist Brian Krebs, who first reported on the breach on Tuesday, the situation's bad, but it's probably not catastrophic. This isn't a Target situation, which saw 40 million credit and debit cards stolen. Dairy Queens are different. Most are run independently, so there's not as much risk of a huge, company-wide breach.

    But there's a flip side, too. Because there are so many unique locations, it may take months before the company even knows how many stores were breached and had information stolen.

    We don't yet know how Minnesota fits into all of this yet. Dairy Queen is headquartered here and has loads of locations in the state, but if we're lucky, we may actually get out of this unscathed. Krebs reports that credit cards in nearby states like Illinois and Indiana have already been hit from the DQ breach. But Minneapolis -- for now, at least -- is safe.

    For their part, Dairy Queen isn't saying much. Dean Peters, the head of communications for Dairy Queen, acknowledged in a statement that the company's franchises were at risk from the virus, but it's still investigating.

    Gopal Khanna, an IT expert and Minnesota's first Chief Information Officer, says we still ought to be plenty concerned. Even if each Dairy Queen franchise is something like a "mom and pop" store, the whole operation could still be at risk. It's a consequence of living in a fully connected world.

    "We cannot look at any one piece of the link anymore," Khanna says. "Any link can bring down the supply chain."

    Just ten or twenty years ago, Khanna says, controlling a breach would have been easy. The important info -- card numbers, names, addresses -- could be protected, unplugged or locked up in a safe. But in the new, connected "cyber marketplace," that's all changed. The barriers are falling.
    http://blogs.citypages.com/blotter/2...airy_queen.php
    http://krebsonsecurity.com/2014/08/d...would-it-know/

  2. #82

  3. #83

    http://www.computerworld.com/article...e-oh-wait.html

    Healthcare.gov?! OMG HOW?! it's not like people gave a congressional oversight hearing about how hackable it was and then nothing was changed!

  4. #84
    Chram
    Join Date
    Jul 2005
    Posts
    2,582
    BG Level
    7
    FFXIV Character
    Deejay Zombie
    FFXIV Server
    Excalibur

    "We have taken measures to increase security" we uh... changed the default password on the server.

  5. #85

    I thought them saying "Nothing was stolen" was pretty funny. It's not like stealing a TV where people come home and go "oh shit our TV is gone, we were robbed!!"

    "We have taken measures to increase security" we uh... changed the default password on the server.
    admin:qwerty isn't secure?

  6. #86
    listen!
    Join Date
    Apr 2011
    Posts
    7,236
    BG Level
    8
    FFXI Server
    Sylph

    Quote Originally Posted by Meresgi View Post
    I thought them saying "Nothing was stolen" was pretty funny. It's not like stealing a TV where people come home and go "oh shit our TV is gone, we were robbed!!"
    Nothing was stolen, the hackers merely made a copy of the data. The original data is still there, therefore not stolen.

  7. #87

    Quote Originally Posted by hey View Post
    Nothing was stolen, the hackers merely made a copy of the data. The original data is still there, therefore not stolen.


  8. #88

    https://nakedsecurity.sophos.com/201...-instructions/


    Bad USB in the wild now. Github has the code and a list of compatible usb devices, though you can write it for whatever firmware your device is using. Going to test it out when I get home. Pretty nice and saves me the $$ for buying a Ducky, or configuring a teensy.

  9. #89
    BG Content

    Jimmy Johns has made a list available of all of their locations that were hacked and the time periods the data was extracted during;

    https://www.jimmyjohns.com/datasecur...toredates.html

  10. #90
    BG Content

    Kmart Hacked...¯\_(ツ)_/¯
    On Thursday, Oct. 9, Kmart's Information Technology team detected our payment data systems had been breached and immediately launched a full investigation working with a leading IT security firm.

    Our investigation to date indicates the breach started in early September. According to the security experts we have been working with, our Kmart store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems. We were able to quickly remove the malware. However, we believe certain debit and credit card numbers have been compromised.
    http://searsholdings.mediaroom.com/i...10&item=137317

    Dairy Queen releases a list of which locations were hacked
    http://www.dq.com/us-en/datasecurity...ocalechange=1&

  11. #91
    BG Content
    Join Date
    Jul 2007
    Posts
    21,105
    BG Level
    10
    FFXI Server
    Lakshmi
    Blog Entries
    1

    Why do companies store payment information if they can't keep them private?

  12. #92

    Because there's no such thing as a secure system.

  13. #93

    Quote Originally Posted by GoggleHead View Post
    Because there's no such thing as a secure system.
    Every system is secure...



    ..until it is connected to anything or anyone! :D

  14. #94
    True skill only comes from macro switching all your e-peen gear thru 10 pages
    Join Date
    Sep 2007
    Posts
    5,039
    BG Level
    8
    FFXI Server
    Quetzalcoatl



    lol, that shit never gets old ^

  15. #95
    BG Content

    Staples Breached, Damage Unknown
    Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach. Staples says it is investigating “a potential issue” and has contacted law enforcement.

    According to more than a half-dozen sources at banks operating on the East Coast, it appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey.

    Framingham, Mass.-based Staples has more than 1,800 stores nationwide, but so far the banks contacted by this reporter have traced a pattern of fraudulent transactions on a group of cards that had all previously been used at a small number of Staples locations in the Northeast.
    https://krebsonsecurity.com/2014/10/...taples-stores/

    Microsoft Office vulnerability found, said to be as dangerous as Heartbleed & Shellshock
    Microsoft has advised users that a new security flaw has been discovered within Microsoft Office that makes it possible for hackers to gain administrative rights to user accounts. The company said the flaw is primarily found in PowerPoint, which has been the target of “limited, targeted attacks.”

    The hack hasn’t yet been given a label like headline-makers Heartbleed and Shellshock, but it has been classified as a zero-day attack, defined as a threat that infiltrates a system through a previously unknown vulnerability. In this case that vulnerability is a malicious Object Linking and Embedding object, a proprietary piece of Microsoft technology that makes it possible for PowerPoint users to embed and link to documents within a slideshow.

    “User interaction is required to exploit this vulnerability,” Microsoft explained in a security advisory published Tuesday evening. “In an email attack scenario, an attack could exploit the vulnerability by sending a specifically crafted file to the user. For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. … In a Web-based scenario, an attacker would have to host a website that contains a specially crafted Microsoft Office file, such as a PowerPoint file, that is used in an attempt to exploit the vulnerability.”
    http://www.ibtimes.com/microsoft-off...rpoint-1710176
    https://technet.microsoft.com/en-us/...y/3010060.aspx

  16. #96

    http://www.businessinsider.com/currentc-hacked-2014-10

    Here's a bad sign for CurrentC, the fledgling mobile payment system in development by a consortium of retailers.

    CurrentC is sending emails to people who signed up for the beta version of the app warning them "that unauthorized third parties obtained the e-mail addresses of some of you."
    CurrentC, the answer from retailers and headed by Wal-Mart in opposition to the other NFC payment shit like Apple Pay and Google Wallet, has already been hacked.

    Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of our CurrentC pilot program participants and individuals who had expressed interest in the app. Many of these email addresses are dummy accounts used for testing purposes only. The CurrentC app itself was not affected.
    Shit is hilarious, and NFC payment is horrible right now. You can find code to compile into an .apk that lets you scan nearby NFC transmissions. Pretty sure there was 1 or 2 Blackhat or Defcon presentations on this a few years back.

  17. #97
    BG Content

    The White House
    The unclassified Executive Office of the President network was attacked, according to the Washington Post.

    US authorities are reported to be investigating the breach, which was reported to officials by an ally of the US, sources said.

    White House officials believe the attack was state-sponsored but are not saying what - if any - data was taken.

    In a statement to the AFP news agency, the White House said "some elements of the unclassified network" had been affected.

    A White House official, speaking on condition of anonymity, told the Washington Post: "In the course of assessing recent threats, we identified activity of concern on the unclassified EOP network.

    "Any such activity is something we take very seriously. In this case, we took immediate measures to evaluate and mitigate the activity.
    http://www.bbc.com/news/technology-29817644
    http://www.washingtonpost.com/world/...251_story.html

  18. #98
    BG Content

    Drupal - If you didn't patch this within the first 7 hours of it being discovered on Oct 15th, you're probably compromised (they announced it on Oct 29th)
    Up to 12 million websites affected


    https://www.drupal.org/PSA-2014-003

  19. #99
    Member since 2006 and still can't think of a title.
    Join Date
    Oct 2006
    Posts
    25,287
    BG Level
    10
    FFXIV Character
    Acanis Lindri
    FFXIV Server
    Midgardsormr
    FFXI Server
    Bismarck
    WoW Realm
    Kil'jaeden

    USPS: We deliver security breaches to you

    http://www.cnn.com/2014/11/10/politi...html?hpt=hp_t2

  20. #100
    True skill only comes from macro switching all your e-peen gear thru 10 pages

    Sony Pictures



    Reports that Sony Pictures has been hacked have been trickling in this morning, after a thread appeared on Reddit claiming all computers at the company were offline due to a hack.

    According to the Reddit thread, an image appeared on all employees’ computers reading “Hacked by #GOP” and demanding their “requests be met” along with links to leaked data.

    The Reddit user that posted the thread posted a year ago that they worked at Sony Pictures...
    http://thenextweb.com/insider/2014/1...uters-offline/

    http://www.reddit.com/r/hacking/comm..._friend_still/
