In case you didn’t see this last month, it’s worth noting in light of current news stories about Chris Roberts’ research and claims. Public Intelligence writes: The following private industry notification was published online by RenderMan of RenderLab in late April. The notification concerns claims made by security researcher Chris Roberts about vulnerabilities in “commercial aircraft’s onboard avionics and wireless networks…
Category: Business Sector
Starbucks blaming passwords, victims doesn’t fix the problem; burning questions about attack remain
As I pointed out in reporting on Starbuck’s response to Bob Sullivan’s disclosure of a breach involving the mobile app accounts, not everyone would find their explanation and response satisfactory. Today, Bob Sullivan fired back: Since I broke news of the Starbucks mobile pay / gift card /credit card attack last Monday, there has been some confusion…
Meru Cabs was exposing customer data
I had missed this one, but DataBreachToday has a write-up about the exposure of Meru Cabs customer data due to logs from its mobile app not being secured. The exposed data in the logs “included customers’ personally identifiable information, including mobile numbers, email addresses, pickup and drop locations, masked credit-card numbers, payment notification logs, Meru booking…
Hanoi IT engineers arrested for stealing, selling credit card info
Thanh Nien News reports: The Hanoi police have arrested three young IT engineers who allegedly hacked into tens of thousands of credit cards and sold the information for more than VND400 million (US$18,380). Le Van Nguyen, Nguyen Trong Hong, and Dang Quang Thanh Thanh, all 25, graduated from a university in information technology and have…
How the Washington Post was hijacked by the Syrian Electronic Army (again)
Graham Cluley reports: The Syrian Electronic Army appears to have successfully scalped another high profile media outlet, briefly hijacking the mobile version of the Washington Post website to display pop-up messages claiming that the media is not telling the truth. […] In this latest incident, as Motherboard reports, the hackers claim that they broke into systems belonging to Instart…
Starbucks mobile app hacked? No, says Starbucks.
I had held off reporting a scam involving Starbucks mobile app, and I’m glad I did, because Starbucks says there’s been no compromise of their app or system. In a statement on their site, they write: Starbucks takes the obligation to protect customers’ information seriously. News reports that the Starbucks mobile app has been hacked are…