Cyber Security Blog

Myspace Breach

My first friend on social media was named Tom and if you ever had Myspace, he was probably your first friend too. It’s always interesting to hear about Myspace. For me it’s like hearing about an old friend from high school that you lost contact with; you remember them, you had great memories, but now you’re in different places. Myspace is making news now because of mega data breach it suffered. In their blog they write,

“Shortly before the Memorial Day weekend (late May 2016), we became aware that stolen Myspace user login data was being made available in an online hacker forum.

Information is Beautiful

There are so many breaches that occur throughout the course of the year that it becomes hard to keep up. Late last year, I came across a website which I thought provided a very insightful visual into the breaches we are familiar with but also those we are not familiar with. In the interest of being a diverse blog, I wanted to make sure this blog shares sources of knowledge as well as news. While many of you may be familiar with the, I really wanted this post to reach those who might not know about it.

LinkedIn Hack

My, oh my how the past can haunt us and this is especially true for professional networking site LinkedIn.  In 2012, cyber-criminals breached the site due to LinkedIn’s poor security policy. At that time LinkedIn was not encrypting customer passwords, making it easy for hackers to decode them. Fast forward to 2016, these same login credentials (all 117 million of them) were posted on the dark web for $2,200 (in Bitcoin, naturally) according to Motherboard, a tech website managed by Vice. As a result, LinkedIn’s CISO wrote on the company blog,

Wendy’s Update

The breaching of POS systems has been really interesting this year. Between Landry’s and Wendy’s, it is increasingly more evident that small breaches are trending. They are more difficult to detect because of the small footprint that they leave. Updates about the Wendy’s breach have surfaced and there are few interesting factors I wanted to share. It was disclosed that less than 5 percent of Wendy’s restaurants were affected. In a press release, Wendy’s said, “Based on the preliminary findings of the investigation and other information, the Company believes that malware,

Ransomware on the Rise

Ransomware is causing a stir, so much so, that the FBI has taken a stance. In late April, they published an informational article which discusses the rise in incidents and ways to protect yourself from an attack. Ransomware attacks aim to infect PCs with malware which allows cyber criminals to hijack computer files. The malware then encrypts the files and folders on the computer and any attached drives. The only way the files are retrievable after they have been infected is with a decryption key. Cyber criminals hold the key until you pay the ransom (usually in bitcoin due to the anonymity it provides).


While tax season has come to a close, many people are still dealing with a nightmare: tax filing fraud. Greenshades is an online payroll management firm who, according to its blog, had been seeing an increase in “fraudulent login attempts to some client GreenEmployee portals”. Hackers gained authentication information through other sources and were then able to use them when logging into customer accounts due to Greenshades’ SSN/DOB authentication login. As a result, thousands of customers had their 2015 taxes filed fraudulently. In the case of Lower Platte North Natural Resource District,

Comelec Hack

Since it is election year in the United States, I thought it was important to write about the recent data breach at Comelec (Commission of Elections) in the Philippines. The PII of 55 million registered Filipino voters was compromised after the hacking of the Comelec website on March 27th. Reports are suggesting that all registered Filipino voters are now vulnerable to fraud and other risks due to the sensitivity of the information leaked.

The group responsible is thought to be the hacktivist group Anonymous Philippines. Shortly after the hack,

Verizon Breach

As Verizon published its “Verizon Data Breach Investigations Report” this year, it too was recently involved in a data breach resulting in the theft and resale of enterprise customer data.

Here are some of the interesting details: On an underground cybercrime forum, a thread was posted advertising the sale of a database that contains the contact information on approximately 1.5 million customers. The database information was available for purchase at the bargain price of $100,000 but chunks of 100,000 records were also for sale at $10,000 apiece. In addition,

Wendy’s Data Breach

So a Jr. Bacon Cheeseburger might be costing you more than $1.99. Recently, many credit unions have been experiencing an unusually high level of debit card fraud from the breach at Wendy’s, the American fast food chain. The losses are reportedly in excess of those seen during the breaches at Target and Home Depot. While Wendy’s does not yet know the extent of the breach or the number of impacted customers, it did confirm that malware designed to steal card data was found on some of their systems.

Dan Berger,

Update: FBI vs Apple

My my how the tables have turned!

After a month long and heated court battle with Apple, the FBI was able to unlock the iPhone used by San Bernardino attacker Syed Farook, with the assistance of an unnamed outside party. Apple was able to maintain its stance on opposing assistance to the FBI when asked to circumvent its own security technology to hack into the attacker’s iPhone in early March. The FBI requested that Apple rewrite its operating system with leaner security in order to make it accessible.