May 31, 2016 
A federal appeals court find that just labeling a clause “mandatory arbitration” does not make it “legal”. Class action ability for wage-and-hour violation was preserved in one district. Story Tweet
May 31, 2016 The laws regarding privacy, breach reporting and more for many countries around the world via an excellent web interface. Also downloadable for one country or all to PDF. Great stuff. Story Tweet
May 30, 2016 
Answers to the questions you really want answered, presented in an attractive format, call to you. Is it real or a siren song leading to malware? Story Tweet
May 30, 2016 Almost 80% of the US owns a smartphone. Story Tweet
May 30, 2016 Tumblr/Yahoo management say its no big deal, but some of your accounts were hacked in 2013. The data is out there and we just won’t mention how many. Other cyber security people found over 65 million accounts were exposed for years! Story Tweet
May 29, 2016 
MySpace hacked exposing 360 million records taking 2016 exposures to date to 1.2 billion. Previous high was 2014 with 1.4– billion for the whole year. (chart). Story Tweet
May 29, 2016 Pakistan’s #1 real estate web site hacked exposing an unknown number of registered users. Hacker reported weakness to them, but they didn’t “take it seriously”. Story Tweet
May 29, 2016 
Multiple grabs for power (or reducing consumer protections) that are pretty much missing from today’s “news”
Your email getting grabbed without a warrant. Story Tweet
FCC ability to enforce net neutrality rules, gutted. Story Tweet
Your cell phone hacked by public charging stations. Story Tweet
Cybersecurity: wireless hack #1 … in 1903. Story Tweet
May 29, 2016 Bad enough having an account hacked, but being turned into a PornBot? Story Tweet
May 28, 2016 
Bitcoin exchange Mt. Gox bankruptcy reveals numbers that just don’t add up by trillions of US dollars. Even reducing the difference by an order of magnitude the vanished value makes Madoff look like a rounding error. This Update Start of Story Tweet
May 27, 2016 Another bank heist via SWIFT in 2013 not disseminated to the public or the banking community. This Update Start of Story Tweet
May 27, 2016 AES-256 encrypted drives can be brute-forced. Surprise! Story Tweet
May 27, 2016 You highlight something on a web page and copy it, but is what wound up in your copy buffer only what you think you saw? Ah, maybe not so much. Story Tweet
May 27, 2016 USB charger is more than meets the eye. Not a Transformer, but a wireless snooper. Story Tweet
May 27, 2016 Cookies are so yesterday. How about tracking how your computer processes a sound to create a fingerprint and track you over 800,000 of the most commonly used domains including Google, Facebook, Yahoo and Twitter? Story Tweet
May 26, 2016 Cars getting ransomware via the computer-based equipment at the mechanic and entire fleets of cars being held for ransom. This Update Start of the Story Tweet
May 26, 2016 When do you get told your information has been exposed? The EU gives companies 72 hours to make a disclosure or face stiff (very stiff) fines. The US has two draft bills, both out of committee, which are pale imitations and are unlikely to reach the House floor anytime soon let alone pass the Senate. This Update Start of the Story Tweet
May 26, 2016 Using gestures as security has been successfully spoofed with a Lego robot continuing to make biometric security questionable. This Update Start of Spoofing Biometrics Tweet
May 25, 2016 New point of sale skimmers are overlaid in seconds. Could you spot one as it clones your card information? Story Tweet
May 24, 2016 
The CEO of SWIFT bank transfer system is expected to announce the apparent: More banks were victims of theft via the SWIFT system than previously acknowledged. Well, uh-DUH! This Update Start of the Story Tweet
May 24, 2016 
Not convicted, not even charged, one man remains in jail for an eight month. Perhaps improperly, a judge used the All Writs Act to compel him to unlock storage devices using his passcode. In those drives there may be evidence he committed a crime. There was no evidence in three other devices. One judge ruled the 5th Amendment protects him from proving the passcode. Three days later another didn’t. Could this happen to you? Why you should turn off fingerprint=passcode functions. The Whole Story Tweet1 Tweet2
May 24, 2016 Update Noodles & Company may have been hacked for months before consumers were notified. This Update Start of the Story Tweet
May 23, 2016 The Great Swiss Bank Heist that itself stayed secret for years. How a bank siphoned funds representing a considerable amount of other nation’s tax base and either caused, or exacerbated, the collapse of national economies. Story Tweet
May 23, 2016 In under 3 hours, 1,600 cards made from stolen data, were used by 100+ crooks to obtain yen equivalent of $13M from ATMs in Japan. Story Tweet
May 23, 2016 Network problems plague Yahoo for three days. Comcast east coast is all red from DC north to Maine. Story Tweet
May 23, 2016 Update to GPS and misadventures: This one involves the driving of a car into the Great Lakes by a sober driver whose actions didn’t quite mesh with the GPS. This Update Start of the Story Tweet
May 23, 2016 Update: Data from 5 more banks posted on line. This Update Start of the Story Tweet
May 23, 2016 UK orders banks to review SWIFT security following more reports of bank theft. This Update Start of the Story Tweet
May 23, 2016 Find government bug? Report, don’t hack. No response? Contact bigger voices. Don’t hack. You’ll lose. Story Tweet
May 23, 2016 InstaGram account validation email could be spoofed, but researcher figured it out, they fixed it quickly, and paid a bug bounty. Better than being convicted. Story Tweet
May 23, 2016 New Counter Drone Technology commands them to land using directed energy weapon. Story Tweet
May 23, 2016 Does Uber use your call phone’s battery level to apply surge pricing for their profit? Story Tweet
May 22, 2016 
TeslaCrypt leaves the ransomware business and breaks the lock allowing ESET to create a no-charge utility to unlock files. Wow! Story Tweet
May 22, 2016 Weather satellites attacked by hackers. GPS next? Story Tweet
May 22, 2016 New notification rules with heavy fines for non-compliance with 72-hour notification window. Does this apply to US companies doing business in the EU? Story Tweet
May 21, 2016 RunKeeper app tracks your exercise. Good. RunKeeper tracks you others times without telling you. Not so good. Story Tweet
May 20, 2016 
Social scientists scrape data from dating web site and submit it for publication with personally identifiable information (PII) on 70,000 people. Story Tweet
May 20, 2016 Another unreported bank theft via SWIFT. 12 transfers in 10 days. The victim bank is suing, but why did neither bank report it to SWIFT? This Update Start of Story Tweet
May 20, 2016 3,000+ exposed by Australian taxi booking and payment service whose database was on the internet without login requirements. Story Tweet
May 19, 2016 Update regarding the fetish porn website that exposed 100,000 accounts including emails ending in GOV and MIL. This Update Start of the Story Tweet
May 19, 2016 Update to “Coin Counting – Their Way” About a month after the story broke that coin counters were not counting accurately TD Bank closes all coin counters nationwide. This Update Start of the Story Tweet
May 19, 2016 Noodles & Company get outside help to investigate possible card breaches at its hundreds of restaurants in over 30 states. Number exposed? Unknown! Story Tweet
May 18, 2016 dot-GOV and dot-MIL email addresses found in hacked fetish web site. Yes, really. Story Tweet
May 18, 2016 
Update to 2012 LinkedIn breach: Reported at 6.5M four years ago and now confirmed at almost 170M. What the company is doing and what you should do … NOW! This Update Start of the Story Tweet
May 18, 2016 Update SWIFT banking weakness known before Bangladesh, but not sharing cybersecurity information helps crooks, not cops. This Update Start of the Story Tweet
May 17, 2016 iOS 9.3.2 security update has a bad relationship with some iPad Pros leaving users with only bad choices. Story Tweet
May 17, 2016 A ‘botnet of 1M computers performing major click-fraud on advertisers including AdSense. Story Tweet
May 17, 2016 Mobile banking app so flawed all you need is an account number to transfer funds anywhere you want. Bank took 12 days to reply to notification from security researcher. Another researcher: There is much worse. Story Tweet
May 17, 2016 Cybersecurity software is supposed to end vulnerabilities, not create them. CyberSecurity FAIL!!! Story Tweet
May 17, 2016 Would you like on line voting? Do you want your vote to count or be stolen undetected? Cybersecurity isn’t there yet. Story Tweet
May 16, 2016 Apple pulls cybersecurity app from AppStore despite its excellent functionality. Why? Story Tweet
May 16, 2016 Thousands of compromised computers on the “Dark Cloud” host criminal web sites, send spam and more. DNS changes rapidly so tracing the IP address can’t actually find the system. Is yours one of these? Story Tweet
May 16, 2016 Samsung Pay tokens have a weakness to be revealed at Black Hat in Las Vegas. Story Tweet
May 14, 2016 
Twitter cuts off intelligence services from alerts based on datamining the tweet feed. Story Tweet
May 14, 2016 US House of Representatives blocks Google Apps and Yahoo email as ransomware comes calling at our nation’s capitol. Story Tweet
May 14, 2016 Eight good reasons why not to migrate to Windows10. Story Tweet
May 14, 2016 A processing chip in Android devices has a back door that is powerful and not really concealed. It might have been for development, but it made it into production worldwide. ooops! Story Tweet
May 13, 2016 
Wendy’s breach started in late 2015, first reported by independent security researcher (not the company) and half a year later they can not, or will not, report the exact number of stores infected with malware? This Update Start of the Story Tweet
May 13, 2016 
SWIFT bank fund transfer system hacked again. This Update Start of the Story Tweet
May 13, 2016 In 2014 FBI writes to police chief: Don’t use evidence provided by StingRay and create something else for trial use. Story Tweet
May 13, 2016 
The delay in making the breach public cost credit unions considerably and a class action complaint was filed. This Update Start of the Story Tweet
[ Sorry to have missed two days. Storms in Central US damaged computer equipment despite uninterruptable power supplies and surge protectors. Replacing equipment and reconfiguration took a long day and we’re still catching up. -ed ]
May 10, 2016 Bank hack exposes 100,000+ Visa and MasterCard accounts, bank statements and more. Story Tweet
May 10, 2016 Expose a vulnerability in an election database, post a video, get interviewed by the police months later and even later get arrested based on the evidence you provided. Or, avail yourself of the right to remain silent and get arrested for “obstruction of justice”. Story Tweet
May 10, 2016 Apparently whatever you are doing is less important than when Windows 10 decides to do an update. Didn’t even ask before interrupting a live presentation. Story Tweet
May 10, 2016 Android users BEWARE! Some apps on the play store come with a little extra, a malware infection that not only swipes your data, but turns your phone into an evil ‘botnet minion. Story Tweet
May 09, 2016 
Panama Papers names trustees of a university, a medical school and more. What a web. This Update Start of Story Tweet
May 08, 2016 One Ring Scam – the cell phone rings once. Do you call back? Maybe not if the call came from these locations. Story Tweet
May 08, 2016 FBI ransomware payment guidance made clear: Don’t pay. So what are you to do? Story Tweet
May 08, 2016 HTTPS maybe not so “S”. Multiple patches available for OpenSSL. Without updating, the contents can be duplicated and decrypted. Story Tweet
May 08, 2016 Why is the lodging industry such a frequent target of charge card thieves? Turns out Sutton’s Law (that is where the money is) is only one reason. Story Tweet
May 08, 2016 April 2016 Summary: A third of the way through 2016 we have 399 breaches exposing 696.1 million records. That is more exposures than all of 2015. 2016 summary Tweet
May 07, 2016 
Ever feel like your W2 has all the protection of a bag of peanuts at a baseball game? 400K+ exposed at W2 portal. Story Tweet
May 07, 2016 Liberty Reserve founder sentenced to 20 years. Cyber currency held to be massive money laundering system that processed over six billion dollars on behalf of crooks. This Update Start of the Story Tweet
May 07, 2016 Facebook’s repository of facial images created a biometric library collected in violation of Illinois Biometric Information Privacy Act (BIPA). A year into the lawsuit the judge refused to dismiss. More. This Update Start of the Story Tweet
May 06, 2016 
Dridex banking trojan arose January 2015, killed off in October 2015, rises again to target banking customers in the USA! Story Tweet
May 06, 2016 Your GPS can give you the most direct route through Death Valley, but will you live to get home again? Story Tweet
May 06, 2016 
New skimmers farther inside the ATM that insert skimmers. Story Tweet
May 06, 2016 Cell site emulators trick all cell phones into revealing identification and location. For “national security” and “serious crime” only. Yet these multi hundred-thousand dollar tools were used to chase the theft of $60 of chicken wings. That thief got away. Are we getting the facts? Story Tweet
May 05, 2016 Over one billion credentials for sale at $1.00. Eliminating duplicates, still over 150 million including Gmail, Microsoft/Hotmail and Yahoo. Story Tweet
May 05, 2016 US Marshal Scam Update: Some of the crooks making these calls are already in jail, but not because they were caught for this crime. This Update Start of the Story Tweet
May 05, 2016 What happens when a major web site that tracks exposed credentials is itself hacked and exposed? Nothing good. Story Tweet
May 05, 2016 Your face can’t hide anymore as recognition tools harvest millions of available images via social media. Intelligence services, security personnel, and sex workers are all vulnerable to exposure. Story Tweet
May 04, 2016 Samsung “SmartThings” interface can control thousands of internet-of-things devices. Unfortunately it isn’t well protected and control of those devices can be had by crooks. Your home security system, lights, thermostat, toaster … all under criminal control. Story Tweet
May 04, 2016 Instagram pays $10K to 10-year old for finding significant vulnerability. How secure is it when a 10-year old can hack it? Story Tweet
May 03, 2016 ADP portal weakness allows crooks to access unregistered (unused) accounts for employees of 640,000 companies using readily available information. Story Tweet
May 03, 2016 Theranos, a high flying company and a tech media darling, was supposed to revolutionize medical testing. So how did it fly so high before traditional investigation and journalism revealed The Emperor Has No Clothes? Story Tweet
May 03, 2016 FBI Alert on nation-state actors doing bad things via attachments. If you have these symptoms… Story Tweet
May 02, 2016 Involuntary manslaughter gets maybe a year in jail. Hacking a car, even if you cause no damage, gets life? Are we being heavy handed with crooks or discouraging the security researchers who are finding so many ways modern cars are vulnerable? Story Tweet
May 01, 2016 Update to “Qatar National Bank Hack”: The bank has admitted unauthorized access exposing … agents of MI5? This Update Start of the Story Tweet
May 01, 2016 Microsoft Office 365 was found to be massively vulnerable in December 2015 by two security researchers. At exposure risk were business Outlook, Skype, cloud storage and more. How long did this last? Story Tweet
May 01, 2016 Closing cost scam – scares people that their house won’t close unless they wire money to this account. Don’t do it! Someone’s email account was hacked and you are being scared to turn off your rational brain and become a victim. Story Tweet
May 01, 2016 Since 2014 Waze Navigation of Israel has a vulnerability that exposes users to stalking (there is a work around) and the system to ghost-car injection making for false traffic reporting. Story Tweet
May 01, 2016 Since 2015 Facebook “completely owned” by a hacker who found internal networks and installed keyloggers. Found by another hacker seeking bounty you’d think Facebook would be concerned. Their response was … something else. Story Tweet
