Several weeks ago, I reported that some researchers had contacted me anonymously to give me a slew of vulnerabilities they had uncovered in their research. As a result of the FBI’s over-the-top raid on Justin Shafer, they had become scared of trying to notify entities of what they had found. They left it up to me to decide…
Category: Business Sector
NJ financial advisor admits identity theft that cost clients $500k
Sergio Bichao reports: A Middletown financial advisor accused of bilking nearly 20 clients out of a half million dollars has pleaded guilty to the charges against him. Christopher D. Biello [aka Christopher Sherman], 43, is facing as many as 14 years in prison when he is sentenced Nov. 4, and may be ordered to pay…
GoToMyPC accounts hacked, all customer passwords reset
Graham Cluley reports: Experiencing a problem logging into GoToMyPC? There’s a reason for that. Your password has been reset by Citrix, the company which runs GoToMyPC.com, after hackers reportedly attacked the service. Read more on GrahamCluley.com. I wonder what the “very sophisticated password attack” was.
How Hired Hackers Got “Complete Control” Of Palantir
William Alden reports: Palantir Technologies has cultivated a reputation as perhaps the most formidable data analysis firm in Silicon Valley, doing secretive work for defense and intelligence agencies as well as Wall Street giants. But when Palantir hired professional hackers to test the security of its own information systems late last year, the hackers found…
Military families victimized by a McDonald’s employee taking orders
Margaret Kavanagh reports: Purchasing some fast food turned into a big problem for some people in Norfolk. Right now a former McDonald’s employee is facing 5 felony charges, accused of skimming credit cards from customers. Police said the vast majority of victims are either in the military or related to someone in the military because…
Screwing up the basics of incident response, Friday edition
For today’s object lesson (and maybe abject lesson), I give you FIS Global and Guaranty Bank and Trust. I’ve written up the incident in more detail over on the Daily Dot, but the short version is a hacker (@1×0123) found a vulnerability in FIS Global’s client portal login and tweeted about it. FIS didn’t respond to him directly. Instead, they…