Dec 312014
 

Krebs on Security has uncovered another hack that affects another major chain.  Chick-fil-A is now another victim.  Banks have notified Chick-fil-A of this breach and they are investigating with IT security firms, law enforcement, and payment processors for additional information.  This breach seems to be focused in Georgia, Pennsylvania, Maryland, Texas, and Virginia.  Here is the full story.

http://krebsonsecurity.com/2014/12/banks-card-breach-at-some-chick-fil-as/

Dec 302014
 

This is a look back at the first major hack of the year.  The Target hack of 2013 was argueably the biggest breach in history.  Here are a few stories.

http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data#p1

Dec 292014
 

There is a group out of Russia and Ukraine that has alledgedly been stealing funds from banks since last year.  This group also was responsible for the Staples hack earlier on this year.  Here is the full story…

http://securityaffairs.co/wordpress/31405/cyber-crime/apt-anunak-steals-millions-from-banks.html

http://krebsonsecurity.com/2014/12/gang-hacked-atms-from-inside-banks/#more-29206

Dec 282014
 

LizardSquad is the next hacker group to attack Sony.  This group is responsible for also attacking KrebsonSecurity regularly.  However, in the 2nd article it appears that LizardSquad has made an enemy with Anonymous.

http://krebsonsecurity.com/2014/12/cowards-attack-sony-playstation-microsoft-xbox-networks/

http://thehackernews.com/2014/12/Lizard-Squad-Xbox-playstation.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+TheHackersNews+(The+Hackers+News+-+Security+Blog)&m=1

Dec 272014
 

Many doubt the FBI’s reasons for saying North Korea is behind the Sony attack.  Here is some of the information that the FBI used to determine that North Korea executed the attack.

http://krebsonsecurity.com/2014/12/the-case-for-n-koreas-role-in-sony-hack/

Dec 262014
 

Those of you who use GitHub for Windows or Mac please update your software as there is a remote execution risk.
http://www.scmagazine.com/github-for-windows-and-mac-vulnerable-to-bug/article/389352/

Dec 252014
 

NTP time protocol is everywhere in industrial systems.  A new flaw has been discovered allows for an attacker to execute code due to a weak encryption algorithm.  A patch is available for Redhat/Centos and Debian systems and should be applied ASAP. 

https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01

WordPress Appliance - Powered by TurnKey Linux