My 2016 Unemployment Diaries Recap – Day 17 to Day 18. More to follow

Please note, this is a reposting of some previous entries made in 2016 when my position was eliminated and I found myself unexpectedly unemployed. This is being reposted here simply for the purpose of preservation as I am not maintaining the old site much. In any case, enjoy if you feel like reading it:


Day 17 and 18 of unemployment – Bathrooms and Suburban Gangs

Sorry about the lack of updates, but it’s been a busy couple of days folks. It all started with the crappy weather. Because it was crappy, I could not do the sawing I needed to finish up some kitchen trim pieces, so I decided to take on the simple task of re-caulking the bathtub/shower area in our downstairs bathroom. It had some mildew stains and did not look very nice.

Yeah, so I would like to share the following message with my fellow human beings…

If you don’t know how to properly caulk a tub, just don’t. Hire someone, please? Honestly, the amount of effort I had to put in to taking this old caulk out was ridiculous. I don’t know what they used, but it seemed to be part caulk, part Adamantium. I’m not even sure how many razor blades I broke, both straight edge and utility knife types. After about 2.5 hours, I finally got the major part of the silicone removed.

During this time, I started to notice how bad the grout was. Dangit! I should have just focused on the super-caulk, but once seen, something cannot be unseen. Suffice it to say that this generated multiple conversations about replacing the tile vs regrouting, changing colors, 6 or 12 tiles, etc. This led in to the inevitable, “I really don’t like the counter top or cabinet” conversation. Here I am a day later, with a new countertop/sink, lighting fixture, a new dremel tool and a plan to regrout.

I also removed the shower doors and frame (so 1990’s, sheesh). Now I have been working on removing the white grout with the dremel. Let me tell you, this is dusty, dirty work. Jen got me some dust masks, but I had already started working before she got home from the store. Let me tell you, I’m going to have white-grout boogers for a month. I also looked like a coke head with all the powder around my nose and have a feeling if I had gone somewhere and been pulled over, some rubber gloves and close inspections would have followed. Bad boys, bad boys, whatcha gonna do?

While I was working, the mandrel for the grout removal wheel broke off. There were diamond coated wheel parts flying around everywhere. Smacked me square in the arm. I’ve taken a break for the night and will regroup after church in the morning. Enough is enough.

While we were out looking at sink tops and other bathroom stuff, I noticed something odd happening in our little part of suburbia. The children seem to no longer walk anywhere. They only move by hoverboard. You see them in small wheeled mobs and I even saw one kid playing basketball while riding one. I have my suspicions that hover-gangs are forming in the hood. I won’t be surprised to see tweens sporting 3-patch colors on their “My Little Pony” backpacks saying things like, “Flow-Rida’ in the hizzouse ya’ll, better step off or you gonna get whacked wit my Scooby-Doo lunchbox. BTW, you wanna buy some Girl Scout cookies? I got ‘yer fix, yo!”

Ah, the youth of America. It’s a disturbing trend. I’ll admit, I have not been a fan of those since almost getting run down by a hipster riding one while pulling his bag behind him in the Houston airport. I wanted to smack the venti salted-caramel-Frappuccino-with-an-extra-shot-and-soy right out of his hand and feed him that board instead. He was lucky violence is frowned upon in airports. It was a while ago now and I know the airlines have banned them. I’m not bitter at all though. Really.

Another thing I learned while shopping is to stay in the car when your wife and mom go in to Hobby Lobby. No good can come of following them in. I swear at one point I was standing there talking to them, looked down and when I looked up, they were gone in a puff of glitter and yarn fragments. Took me like 20 minutes to regroup with them. I found a seat and got comfy. I had their purses in the cart, so I knew they wouldn’t get far. Next time, I stay in the car and listen to the radio.

On the job front, I am still hoping to hear back soon from the two places I have been interviewing with. I did apply to about 5 or 6 new opportunities last week and today I got a message on LinkedIn from a person I had dealt with while at my last job. He saw that I was between jobs and wants to see about having a talk on Monday. I’m excited because I’ve always been a big fan of their product and them as a whole, so I want to hear what he has to say. I really hope we get to chat.

So, that’s what I’ve been up to. I’ll keep you all posted as things progress.

San Marcos, Texas Scammed Out Of City Employee W2s

And again with the W2s. This time it was the city of San Marcos that got scammed out of W2s. This impacts every city employee, about 800 of them, and was only discovered after city employees found that their taxes had already been filed. As usual, this was due to a phishing scam similar to the CEO Fraud emails (a.k.a. Business Email Compromise), which target money transfers. Unfortunately, when a W2 is lost, it impacts the employee for a long time afterward.

To counter this, you need to train folks that have access to, or work with this sort of data to be very cautious what they send and to whom. When dealing with large amounts of money or sensitive data, it’s a good idea to implement a policy that requires a phone conversation (not recorded call) before sending anything.

 

Star Trek Getting Dragged In To The Ransomware Game

Image from Bleepingcomputer.com

Now this is just a low blow. A new strain of ransomware called “Kirk” is in the wild. Unlike most strains, this one uses Monero instead of Bitcoin for payment. Once you do pay, it provides a decryptor called “Spock”. The bad news, it doesn’t look like the ransomware can actually do the decryption at this point, so they are effectively dragging poor Spock’s name through the mud. That’s just wrong! It does have a cool ASCII art ransom screen though.

The good news? It looks like it’s being spread by passing itself along as a copy of LOIC (Low Orbit Ion Cannon), so if you aren’t dorking around with tools like that, you should be ok.

So help me, if they do something like this based on a Firefly theme, I’m going to hunt them down and smack them up side the melon by myself.

800K vBulletin accounts compromised with SQL injection attack

A hacker claims to have hacked some outdated vBulletin sites, resulting in about 800k accounts being collected. This was done by exploiting a SQL injection flaw in out-of-date vBulletin installs. While the data includes hashed passwords, and the accounts probably aren’t for super important stuff, the concern here is password reuse and the ability to use this data to get into other accounts, or to socially engineer the folks on the list.

Imagine getting a phishing email from one of the domains, linking to the hack and asking for a password reset, but sending you to a credential phishing site. This is one scenario where the info could be used to collect reused passwords.

I strongly recommend using a password vault, like LastPass or something similar, to generate and store random passwords for websites. Protect this with a strong passphrase and 2-factor authentication, and you can go far in securing your online accounts.

FWIW, the domains that are claimed to be hacked are:


 

Eddie Bauer sued for failing to prevent data breach by enabling EMV chip readers

Just a reminder to businesses that there can be more cost to a data breach than your own recovery. In this case, Veridian Credit Union is suing Eddie Bauer for the cost of reissuing cards and other costs related to the breach. This is a class action suit, so others are likely to join in the party as well. The premise is that Eddie Bauer failed miserably in their security practices, took too long to notify those impacted and that they also failed to implement EMV chip technology.

It is entirely possible that, due to the EMV chip liability shift effective October of 2015, they will have a good leg to stand on in the case of this lawsuit, especially if these were charges at POS systems in-store and the customers used an EMV-enabled card, but Eddie Bauer had not implemented EMV readers. That could get pretty expensive for them.

Keep this in mind if you operate a business and have not enabled EMV chip processing. It could prove very costly in the long run.

 

Welsh NHS Contractor Loses Data For 1000+ NHS Staff

Data such as names, dates of birth, National Insurance numbers and radiation doses for over a thousand people working for the Welsh NHS was stolen from a private contractor. While the breach was discovered back in October, it was not reported until January. Frankly, long delays like this in reporting are unacceptable. People need to know if their data is exposed so they can protect themselves.

Let this also be a lesson about the importance of 3rd party security and the risk you take when allowing data to be stored/used/collected by contractors or other 3rd parties.

Pre-infected Android Phones Now Available

Don’t have time to go out and find some mobile malware for that new phone of yours? Now you don’t have to! As a bonus, it can be installed with “System” permissions so you can’t get rid of it even if you wanted to! How cool is that? It kind of takes the fun out of poking around seedy internet sites while trying to get infected, but thanks to the supply chain injecting malware into your pristine ROM, you don’t have to waste any time.

Check Point found that phones by Samsung, Google, Xiaomi, ZTE, Oppo, Vivo, Asus, and Lenovo have been sold with malware such as Loki (advertising) or Slocker (ransomware) already installed. Note, this does not mean that all phones are infected, but rather that somewhere in the supply chain, this has happened. A good reason to only buy from reputable sources and go ahead and run a malware check on any new phone.

 

This is the list of infections spotted so far by Check Point (package name: affected devices):

com.fone.player1: Galaxy Note 2, LG G4
com.lu.compass: Galaxy S7, Galaxy S4
com.kandian.hdtogoapp: Galaxy Note 4, Galaxy Note 8.0
com.sds.android.ttpod: Galaxy Note 2, Xiaomi Mi 4i
com.baycode.mop: Galaxy A5
com.kandian.hdtogoapp: Galaxy S4
com.iflytek.ringdiyclient: ZTE x500
com.android.deketv: Galaxy A5
com.changba: Galaxy S4, Galaxy Note 3, Galaxy S4, Galaxy Note Edge, Galaxy Note 4
com.example.loader: Galaxy Tab S2
com.armorforandroid.security: Galaxy Tab 2
com.android.ys.services: Oppo N3, vivo X6 plus
com.mobogenie.daemon: Galaxy S4
com.google.googlesearch: 5 Asus Zenfone 2, LenovoS90
com.skymobi.mopoplay.appstore: LenovoS90
com.example.loader: OppoR7 plus
com.yongfu.wenjianjiaguanli: Xiaomi Redmi
air.fyzb3: Galaxy Note 4
com.ddev.downloader.v2: Galaxy Note 5
com.mojang.minecraftpe: Galaxy Note Edge
com.androidhelper.sdk: Lenovo A850
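
A starting point for the "malware check on any new phone" suggested above, as an added example that is not from the original post or from Check Point: it matches saved output of `adb shell pm list packages -f` against the package names in the list and reports whether each hit sits on the read-only system image (where the user cannot uninstall it) or was installed later. The sample output and the read-only path prefixes are constructed assumptions, and a name match is only a lead for closer inspection, since names such as com.mojang.minecraftpe are also used by legitimate apps.

```python
# Package names copied from the Check Point list quoted in this post.
FLAGGED = {
    "com.fone.player1", "com.lu.compass", "com.kandian.hdtogoapp",
    "com.sds.android.ttpod", "com.baycode.mop", "com.iflytek.ringdiyclient",
    "com.android.deketv", "com.changba", "com.example.loader",
    "com.armorforandroid.security", "com.android.ys.services",
    "com.mobogenie.daemon", "com.google.googlesearch",
    "com.skymobi.mopoplay.appstore", "com.yongfu.wenjianjiaguanli",
    "air.fyzb3", "com.ddev.downloader.v2", "com.mojang.minecraftpe",
    "com.androidhelper.sdk",
}

# Assumption: partitions treated as "shipped with the ROM" (read-only to the user).
READ_ONLY_PREFIXES = ("/system/", "/vendor/", "/product/")

# Constructed sample of `adb shell pm list packages -f` output (not real device data).
SAMPLE = """\
package:/system/app/Compass/Compass.apk=com.lu.compass
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/data/app/~~Zm9v==/com.mojang.minecraftpe-YmFy==/base.apk=com.mojang.minecraftpe
package:/data/app/com.example.notes-1/base.apk=com.example.notes
garbage line without the expected prefix
"""


def parse_packages(text):
    """Yield (package_name, apk_path) for each well-formed line."""
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        # Newer Android puts '=' inside the APK path, so split on the LAST '='.
        path, sep, name = line[len("package:"):].rpartition("=")
        if sep and name:
            yield name, path


def triage(text, flagged=FLAGGED):
    """Return (name, location, path) for every installed package on the list."""
    findings = []
    for name, path in parse_packages(text):
        if name in flagged:
            on_image = path.startswith(READ_ONLY_PREFIXES)
            findings.append((name, "system-image" if on_image else "user-installed", path))
    return findings


if __name__ == "__main__":
    for name, location, path in triage(SAMPLE):
        print(f"{name:28} {location:15} {path}")
```

A hit reported as system-image on a brand-new phone is the case the post describes: it arrived with the ROM and a factory reset will not remove it.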