Category: Current Events

A Summary of the Equifax Hack and What to Do Next

What Happened? Last Thursday, Equifax disclosed an information security breach that compromised personal information on approximately 143 million people in Canada, the United Kingdom, and the United States. The compromised data included: Social Security Number (SSN) Date of Birth (DoB) Address Driver’s License (DL) Number The breach also disclosed the Credit Card (CC) Primary Account […]

Read More…

Thoughts on Fiat Chrysler’s Patching Dilemma

Hi, my name is Aaron and I’m an INFOSEC hipster.  I was worried about the security of our increasingly connected cars back in 2013, which is way before it was cool to be worried about such things.  Someone fetch me some thick, black framed glasses and a PBR while I configure my retro NFR IDS.  […]

Read More…

Thoughts on the CurrentC Hack and Active Defense

According to this article, it looks like CurrentC has suffered a compromise of some sort during its testing phase.  From the article: MCX spokeswoman Linda Walsh said the CurrentC application itself was not impacted, and many of the email addresses were for dummy accounts. An investigation is underway and merchants in the consortium with compromised email […]

Read More…

The Week That Was – 2013.11.25

I’m trying a slightly different format this week.  The article titles I’m discussing are hyperlinked titles introducing the commentary.  I think this breaks it up a little better and lets you pick and choose more easily.  Let me know if you have an opinion one way or the other. This week we discuss Cryptolocker and […]

Read More…

The Week That Was – 2013.11.15

This week we have a wide spectrum of topics.  Facebook subtly calls out Adobe.  We discuss the nuance of malicious code on the International Space Station (ISS), which includes our first ever Bonus Link at no additional cost!  We briefly mention some new published research papers and take a trip in the Way Back Machine […]

Read More…

The Week That Was – 2013-11-05

I’ll get this regular publication thing down yet.  I’m shooting for every Friday.  One of you data nerds out there find a good over/under number for the days past Friday I post a Week That Was article. Now for the content. Last week I talked about the fact that LinkedIn’s new application called “Intro” included […]

Read More…

The Week that Was – 10/28/2013

Last week had a number of interesting developments.  Two of them involved the law, privacy, and security implications. First, the Third Circuit Court ruled that GPS tracking devices attached to vehicles require a probable cause warrant. [9]   I think this is an important ruling for privacy and the 4th Amendment.  I’m a proponent for […]

Read More…

The Week That Was – 10/18/2013

I’m getting back in the saddle this week.  Sorry for the long break. I have a bit of a mix this week.  Some are security-related and others aren’t, but they are still worth looking at.  Here are some items of note: There is big news from Oracle. The have issued a Patch-a-lanche™ for Java.  [8]  […]

Read More…

How to React to the NSA Attack on Standard Cryptosystems

I found an article asking With crypto being insecure, whom do you trust? while reading through the news this morning.  It referenced the joint article from The New York Times and Pro Publica, Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security.  The question is a good one: Who can you trust?  I have […]

Read More…

The Week That Was – 2013-05-13

I have a decent sized batch of links for you all this week.  As a warning, I’ll occasionally wander out of the purely INFOSEC or risk realms.  There are a couple of those items thrown in this week.  It’s important to look around at other subjects to give us perspective and insight.  Part of that […]

Read More…
%d bloggers like this: