Latest Entries »

Another day, another huge leak of government information.

Last December, a whopping 3 terabytes of unprotected data from the Oklahoma Securities Commission was uncovered by Greg Pollock, a researcher with cybersecurity firm UpGuard. It amounted to millions of files, many on sensitive FBI investigations, all of which were left wide open on a server with no password, accessible to anyone with an internet connection, Forbes can reveal. View full article »

OIG recently released its yearly audit results for the Defense Department, which found it’s still slow to address cybersecurity recommendations – 36 of which are still open for DHA.

View full article »

More than a dozen computers at the Defense Business Administration, which oversee military procurement, have been exposed to hacking. There is a voice of concern about the government ‘s cyber security. 
View full article »

Many people will land on this page after learning that their email address has appeared in a data breach I’ve called “Collection #1”. Most of them won’t have a tech background or be familiar with the concept of credential stuffing so I’m going to write this post for the masses and link out to more detailed material for those who want to go deeper. View full article »


Kaspersky is one of the top names in security software… So why has the US government banned it, and retailers like Best Buy removed it from the store shelves for good? Is it those troubling reports of the company’s links to the Kremlin? The accusations that the developer aids state-sponsored hackers? The reports of data mining consumers’ information to send back to Mother Russia? View full article »

ESET researchers have discovered and analyzed advanced malware, previously undocumented, that has been used in targeted attacks against critical infrastructure organizations in Central and Eastern Europe. The malware, named GreyEnergy by ESET researchers, exhibits many conceptual similarities with BlackEnergy, the malware used in attacks against the Ukrainian energy industry in December 2015. Besides these similarities, there are links that suggest that the group behind GreyEnergy has been working together with the TeleBots group, known in connection with many destructive attacks. View full article »

Santiago, January 10, 2019 – There is no doubt that Chile is on the radar of cybercriminals, what happened at the Bank of Chile last year, was just a sample of the interest generated by national companies in cyber criminals. View full article »

Flashpoint analysts believe that the recently disclosed intrusion suffered in December 2018 by Chilean interbank network Redbanc involved PowerRatankba, a malware toolkit with ties to North Korea-linked advanced persistent threat (APT) group Lazarus. Redbanc confirmed that the malware was installed on the company’s corporate network without triggering antivirus detection, however the threat has since been mitigated and did not impact company operations, services, or infrastructure. View full article »

Hi Internet,

Summary: By using multi-gesture trackpad along with Safari browser in MacBook Pro, one can view sensitive data which is cached in your Safari browser. (Note: This is not a back button browsing vulnerability)
View full article »

Chapter 1 Evolution of the form of fraud

As various scams are reported and publicized by the news media, people’s awareness of fraud prevention is also increasing, but fraud incidents still occur from time to time. With the development of technology, the emergence and popularity of communication devices such as telephones and mobile phones, and the Internet, fraudulent means have also evolved from the traditional fraud between people in the early days to the use of telephones and network telecommunication network fraud. The liar’s tricks are constantly updated and upgraded. View full article »