I hope everyone had a great Thanksgiving weekend, US peeps or not. I’ve been a bit busy working on my Raspberry Pi powered music-synced Christmas light project and have made some headway in that department. It’s going to be fun seeing if I can muster the time to get that up and running. That being said, let’s move on to events of the last week or so:
San Francisco’s SFMTA (San Francisco Municipal Transportation Agency) Popped with Mamba Ransomware
Sucks to be them. Word is over 2112 machines were impacted by the MBR encrypting ransomware. Customers got free rides since the ticketing system was offline and they couldn’t just shut down the system. On another note, the uber-cool Javvad Malik was quoted in the article as well.
Santa (well, the Russian version) got hacked
It looks like a bunch of kiddos that just wanted new toys, or food, or heat, or whatever in Russia have had their info (name, address, phone#, etc.) posted online thanks to 55 compromised websites. Oops. Just a friendly reminder to be careful what info you put out there. I’m not sure why the sites would need all this info as Santa already knows where everyone is (perhaps the Russian version is behind the times?) and what they want. The dude is kind of creepy and looks like he belongs in a windowless van with “Free Candy” written on the side if you ask me, but I’m just one guy.
Homeland Security Chief Cites Phishing as Top Hacking Threat
Looks like my message got through to Jeh Johnson as he stated that phishing is the top hacking threat. Not groundbreaking I know, but it’s nice to see the leadership acknowledging it. I’m sure he heard it from me and I’m available for interviews if you need me. 😉
Madison Square Garden Was Breached… For a Flippin Year.
So, yeah, “Cards used to purchase merchandise and food and beverage items at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater and Chicago Theater between Nov. 9, 2015, and Oct. 24, 2016, may have been affected”. C’mon man! SMH
So, I figured I’d put this out there as a shameless plug for me, myself and I. These are the things I’m up to in the next week or 2:
- Nov 29th – I’ll be on the Cyber Security panel at the FLAIA Global Macro Perspective conference in Miami
- Nov 30th – I’m a speaker on the SecureWorld “2016 Breaches: Lesson Learned” webinar. It’s free, join us.
- December 5th – I’ll be leading a MasterClass at the “2016 Cyber Security Exchange” in West Palm Beach. Check out the link for more info and to request an invite
As always, if you have an event and need a speaker that can talk about ransomware, phishing and other similar fraud, let me know.
Have a great week
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec