MCX’s CurrentC payment system, the alternative to Apple Pay backed by Walmart, Best Buy, CVS, Rite Aid, Gap, and others, was hacked today. Reports indicate the data breach involves the theft of email addresses of early beta participants and others who expressed interest in testing the new mobile payment system. No word yet on how the email addresses were stolen but you have to assume it was a backend-database penetration. If the culprits don’t already have the unencrypted login information, they soon will as soon as their phishing campaign begins targeting these users.
Practically every comic book character has an alternate identity. Many have more than one. Here’s a list of well-known comic book characters, both superheroes and villains, and their real-life identities.
National Geographic reported this unbelievably terrifying photo of a Great White Shark lunging for bait dangling from shark cage. The photo was taken by 26-year-old Amanda Brewer who acts as a courageous cage diver by night and a, wait for it… New Jersey school teacher by day! She took the photo of the female great white shark off Seal Island in Mossel Bay, South Africa.
JPMorgan Chase security breach not what you think – military attack against key financial institutions turns over keys to the kingdom// October 4th, 2014 // No Comments » // Hacking and Security
Although I’m disappointed that JPMorgan Chase delayed the disclosure of the breach that touched more than 83 million U.S. households (they knew about it at least four months ago), I’m even more upset at what they disclosed – that key customer financial data was not stolen. JPMorgan may tout the expertise of their security team who bravely stopped the attack before the hackers could get their mitts on customer accounts and passwords, I see a pretty good indication that this was *not* what the attackers were after. At this point, there’s a pretty good clue that the attack was a government or military-sponsored endeavor, likely originating from Russia.
An Israeli security firm has discovered evidence of a cross-platform (iOS and Android) malware attack targeting the Operation Central (Umbrella Revolution) protestors in Hong Kong. The spyware, Xsser mRAT (or Xsser.0day), exposes information on the devices such as SMS and email messages, instant messages (e.g. Tencent Archive), GPS location data, phone call logs, contact information, and of course, usernames and passwords.
Spike DDoS toolkit details – frightening new DDoS botnet could potentially utilize Linux, Windows, and ARM IoT devices// September 26th, 2014 // No Comments » // Hacking and Security
Security researchers have discovered an unusual, and frightening, new toolkit capable of infecting not only Windows and Linux computers, but also routers and IoTs. Dubbed Spike, it has demonstrated DDoS attacks as high as 215 gigabit/second against targets in Asia and the United States. Spike toolkit interfaces discovered by Akamai used Mandarin and thus, it is believed the kit originates out of China.
Shellshock (Bash bug) vulnerability – critical security vulnerability discovered in Bash (Bourne-Again Shell)// September 25th, 2014 // No Comments » // Hacking and Security
If your Linux/Unix (or Apple Mac OS X) applications are running with root permissions and call on the shell, this vulnerability (called “Bash Bug” or “$hellshock”) is huge as it allows an attacker to remotely execute shell commands by attaching malicious code into environment variables used by the OS. The flaw is present in GNU Bash versions 1.14 through 4.3 (yup, this bug’s been around for 22 years now). Basically the flaw allows the attacker to create environment variables that contain trailing code – and the code gets executed as soon as the bash shell is invoked. And yes, it’s exploitable over the network.
The new Galaxy Note 4 is a nice upgrade from your Galaxy Note 3. The new sensors (heart rate sensor, fingerprint scanner, UV sensor) are cool and might prompt some interesting new apps. The CPU is a tad bit faster and the 16MB camera is a step up from the Note 3. But what really shines on the Note 4 is the new retina-searing 2,560 x 1,600 Super AMOLED screen (515 PPI) combined with the Adreno 420 GPU which should enable high-end 3D games at super HD resolutions without dropping too many effects. And these eyeball-popping graphic hardware upgrades are what will allow the Gear VR to drop people to their knees.
If a recent DOJ proposal to amend Rule 41 of the Federal Rules of Criminal Procedure passes, granting the FBI the legal right to crack your Tor or VPN connection, you might have to be even more cautious – to the point of keeping up with file checksum/hashes to determine if you’ve been compromised, routinely wiping your machine, or running your OS off of a read-only medium.
I’ve written about Mr. Brown several times before. Barrett Brown is the guy that the government tagged as the “voice of Anonymous”, the young man that suffered a tragedy of injustice from charges that most feel were laughable at best and fragrantly unjust and illegal at worst. Lest we forget (and history repeat itself), let’s review the saga.
Check out ten more cool street art murals that create an interesting, and unique, take on their environment. The art featured here use various methods – stencil graffiti, wheatpasted poster art or sticker art – to add a bit of flare to their otherwise mundane surroundings.
Check out more hot cosplay action from this year’s Comic-Con 2014 in San Diego.
Although we cannot confirm that their presentation make them taste any better, here is part 2 of cool art made out of food.
If you are suspicious of Tor, tired of the laggy connection, or simply want a more stable means to ensure your connection is encrypted and secure, you can easily create a VPN connection through a VPN connection which ensures anonymity and hard-core encryption of your network stream (with kill switches to protect your identity if the VPN connection is dropped).
Every year it gets better and better. Check out the best hot cosplay from San Diego Comic-Con 2014.