Twitter September 2016

Return to Index page.  Like this? Please click LIKE / SHARE etc —->

We were off line for the last week of September due to federal bureaucracy, illness, more bureaucracy, a power problem, and … more bureaucracy.

September 25, 2016  Is your internet-of-things sex toy reporting to the manufacturer?  Story  Tweet

September 25, 2016  Win10 improvement? Passwords can be cracked much, much faster!   Story  Tweet

September 24, 2016  Old school crime with a new twist.   Story  Tweet

September 24, 2016  What does it take to crash 9-1-1?  Story  Tweet

September 23, 2016   300,000+ charge cards with card verification values (CVV which are not supposed to be stored at all) show up in an unencrypted file that was downloaded many times before the host deleted it. How did it get there? How did a denial quasi-admission quas-denial bring ever more attention to the company that actually placed information it wasn’t supposed to have on a public facing server where it got swiped?   This Update  Start of the Story  Tweet

September 23, 2016  How were NSA hacking tools placed in the hands of hackers? When? Why were manufacturers not told until after the political hacks?   Story  Tweet

September 22, 2016  Want to secure your Apple HomeKit smart house? Be careful, Siri can unlock the door … for anyone talking. Apple’s response? Ignore advertising, use a PIN.   Story  Tweet

September 22, 2016  20160922-yahoo500Yahoo confirms 2014 breach of … ready? 500 MILLION accounts. What took so long? Who would benefit from a two year reporting delay? The CEO trying to sell the company?  This Update  Start of the Story  Tweet

September 21, 2016  Multiple Tesla models have multiple cyber vulnerabilities. Tesla auto-deploys update in less than two weeks of being informed.   This Update  Start of the Story  Tweet

September 19, 2016  9-1-1 for a city could subject to a DDoS attack with as few as 6,000 phones. Real callers could not get the help they need. To deny service for the majority of US population needs just 200,000 phones. It isn’t a flaw. It was a design element.   Story  Tweet

September 18, 2016  What do you call it when two taxpayer funded agencies are working at diametrically opposed goals? Waste? Left hand vs right hand? Earlier in September the right hand issued an alert on somethings the left hand had been doing for years that perpetuated and extended our cyber-vulnerabilities. Hardly protecting and defending.   Story  Tweet

September 16, 2016  Would you believe a hotel operated with compromised point-of-sale (POS) terminals for THREE YEARS despite all the recent well-publicized breaches? Clueless? Negligent? Worse?   Story  Tweet

September 15, 2016  Zero-Day exploits act on undisclosed vulnerabilities. So is there a special name for a vulnerability undisclosed for TWO YEARS and effects all current Microsoft browsers?   Story  Tweet

September 14, 2016  ClixSense hacked exposing 6.6 million more and plaintext passwords.   Story  Tweet

September 14, 2016  McAfee Threat Report for September has a lot of sour information that points to cyber-IN-security as the new standard.  Story  Tweet

September 12, 2016  August summary information now on line. 11 additional breaches over 10,000 each exposing over 11.6 million more. 35 more breaches under 10,000 per incident exposed 108,328. 52 more breaches that exposed an unknown, or undisclosed, number, Summary 2016 to date  Tweet

September 10, 2016Update:   World’s largest known identity thief gets sweetheart plea deal and zero jail time.   This Update  Start of the Story  Tweet

September 10, 2016   Nuclear monitoring web site knocked off line. Who benefits from this?  Story  Tweet

September 8, 2016 Update:  How to protect your computer from a USB drive attack to gain credentials even when locked.   This Update  Start of the Story  Tweet

September 8, 2016  Take a picture and post it. Maybe add “review” in between? Some posted images contain security information exposing access credentials and design elements. Ooops might not cover it.   Story  Tweet

September 8, 2016  New rules in February of 2015 for UK police regarding journalists and their sources. Watchdog found a few violations including one labeled “reckless”.
  Story  Tweet

September 8, 2016  US intelligence personnel in the UK appear to be spying on UK residents and the rest of the world. Not from an intelligence facility, but a base of the Royal Air Force (RAF) where over half the residents are US intelligence personnel.   Story  Tweet

September 8, 2016  Password Strength Meters are not keeping up with best practices. Read why and how to use passphrases instead.   Story  Tweet

September 8, 2016  Government bombed! Not with explosives or recreational chemicals, but with thousands of email subscriptions clogging up systems and people.  Story  Tweet

September 8, 2016  Tweets are coming from deactivated accounts … ZOMBIE TWEETING! Not exactly, but someone figured out how to resurrect accounts en masse.  Story  Tweet

September 8, 2016  Traffic sign hacking, some great humor, but still a crime
  Story  Tweet

September 7, 2016, breached in 2012, now reported 98+ million compromised.   Story  Tweet

September 7, 2016  Over a million devices on the internet of things compromised and turned into a ‘bot army mounting massive denial-of-service attacks.   Story  Tweet

September 7, 2016  Over 790k porn passwords compromised in 2012 and not reported until now.   Story  Tweet

September 6, 2016  Just who is driving around and recording your license plate? Not only the police, but private companies? Why? Who pays for that? Who owns the data they collect?   Story  Tweet

September 6, 2016  Would you know if law enforcement and intelligence agencies requested information about you from a company? What if those companies were forbidden to ever tell you they even asked?   Story  Tweet

September 6, 2016  Automatic update provides more than beneficial tweaks, some decidedly undesirable death to previously stable web cams.   Story  Tweet

September 6, 2016  Bitcoin users: Go on higher alert! Some updates are expected to be replaced by malware laden versions supplied by state-supported agents.   Story  Tweet

September 6, 2016  Wife makes e-friend. They never meet. Husband installed SpyWare, divorces wife. E-Friend sues husband and SpyWare maker for violation of federal wiretapping law and more. Settles with husband and Appeals Court rules suit vs maker can continue.
  Story  Tweet

September 6, 2016  USB drive device obtains credentials from locked Win (98 to Win10) and OS/X computers. Great summary and absolutely terrifying details.   Story  Tweet

September 6, 2016  Kimpton Hotel breach, finally acknowledged, but still no statement of how many were affected. Includes list of affected properties.   This Update  Start of Story  Tweet

September 6, 2016  Update to Social Security Administration requiring text messaging to access on line accounts. Tl;Dr: they dropped the requirement.  This Update  Start of the Story  Tweet

September 2, 2016  Update: remote & invisible Apple vulnerabilities were found and exploited by one company then offered for sale at a large price tag. Illegal to wiretap phones? Customers include governments so … maybe not.   This update  Start of the Story  Tweet

September 2, 2016  Another device placed on the internet of things can be hacked to read your mail and set fire to your home. Really.   Story  Tweet

September 2, 2016  Last.Fm breached in 2012. Data found on line. They used the MD5 hash known to be weak in 2004. So weak over 90% of all passwords were cracked in two hours. 42+ million more exposed.   Story  Tweet

With the Last.Fm breach we have over
TWO BILLION compromises
in 2016 to date.

September 2, 2016  New super-ATM that requires an EMV chip was hacked using malware delivered by … the EMV chip. Yes, a new attack plane from a security concept.   Story  Tweet

September 1, 2016  7 models of D-Link’s network accessible storage (NAS) come installed with a cross-site-scripting (XSS) vulnerability that can expose the contents. Not all are patched yet and some may not be.   Story  Tweet

September 1, 2016  Baltimore Maryland – residents look up! You are being watched. The city has a secret system. Machines that spy on you every hour of every day. Ok, not quite, it is a pilot program, not announced, not disclosed, and funded by private, not public funds. What? Yep, no public discussion. Is this a good thing?   Story  Tweet

September 1, 2016  Not connecting a computer to the internet (air-gap) used to protect it. Now a piece of software uses the USB bus to radiate information. What do we need to protect vital equipment?   Story  Tweet

September 1, 2016  20190901-usnDeath to USB devices! Literally, plug this USB drive into your computer, phone, television, refrigerator and say goodbye. Maybe next time you find a USB drive you won’t plug it in?   Story  Tweet

[ Some tweets tweaked for clarity
or revised URLs -ed ]
Return to Twitter Index page