Hacker Obtained Children’s Headshots and Chatlogs From Toymaker VTech

If storing the personal data of almost 5 million parents and more than 200,000 kids wasn’t bad enough, it turns out that hacked toymaker VTech also left thousands of pictures of parents and kids and a year’s worth of chat logs stored online in a way easily accessible to hackers. On Friday, Motherboard revealed that Read more about Hacker Obtained Children’s Headshots and Chatlogs From Toymaker VTech[…]

Let’s Encrypt is Trusted by browsers

Let’s Encrypt has received cross-signatures from IdenTrust, which means that our certificates are now trusted by all major browsers. This is a significant milestone since it means that visitors to websites using Let’s Encrypt certificates can enjoy a secure browsing experience with no special configuration required. Source: Let’s Encrypt is Trusted Let’s Encrypt wants to Read more about Let’s Encrypt is Trusted by browsers[…]

WifiWatch virus infects poorly defended routers and then hardens them for you

Wifatch’s code does not ship any payloads used for malicious activities, such as carrying out DDoS attacks, in fact all the hardcoded routines seem to have been implemented in order to harden compromised devices. We’ve been monitoring Wifatch’s peer-to-peer network for a number of months and have yet to observe any malicious actions being carried Read more about WifiWatch virus infects poorly defended routers and then hardens them for you[…]

Experian hacked, loses 15m U.S. T-Mobile customer records, offerts 2 years of credit monitoring

The data included some personally identifiable information for approximately 15 million consumers in the US, including those who applied for T-Mobile USA postpaid services or device financing from September 1, 2013 through September 16, 2015, based on Experian’s investigation to date. This incident did not impact Experian’s consumer credit database Source: Experian Notifies Consumers In Read more about Experian hacked, loses 15m U.S. T-Mobile customer records, offerts 2 years of credit monitoring[…]

Let’s Encrypt – free, browser trusted, automatically renewable SSL certificate authority signs first certificate.

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG). ISRG is a California public benefit corporation, and is recognized by the IRS as a tax-exempt organization under Section 501(c)(3) of the Internal Revenue Code. Source: Blog It will hopefully be live in about a month.

Minority Report Predictive Policing hits US

The strategy, known as predictive policing, combines elements of traditional policing, like increased attention to crime “hot spots” and close monitoring of recent parolees. But it often also uses other data, including information about friendships, social media activity and drug use, to identify “hot people” and aid the authorities in forecasting crime. Source: Police Program Read more about Minority Report Predictive Policing hits US[…]

5.6m, not 1.1m fingerprint images of us gov security cleared people stolen

WASHINGTON — The number of people applying for or receiving security clearances whose fingerprint images were stolen in one of the worst U.S. government data breaches is now believed to be 5.6 million, not 1.1 million as first thought, the Office of Personnel Management announced Wednesday. The agency was the victim of what the U.S. Read more about 5.6m, not 1.1m fingerprint images of us gov security cleared people stolen[…]

Ex-Secret Service agent who siphoned almost $1m worth of Bitcoin from Silk Road takes plea deal

The US Department of Justice (DoJ) said Bridges admitted to using a seized administrator account on Silk Road in order to lift Bitcoin from various accounts and deposit them into his own wallet. He then sold off the Bitcoin on the Mt Gox exchange between March and May of 2013 and came away with $820,000 Read more about Ex-Secret Service agent who siphoned almost $1m worth of Bitcoin from Silk Road takes plea deal[…]

The LaZagnen – recover various passwords from within Windows

DescriptionThe LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these password for the most commonly-used software. At this moment, it supports Read more about The LaZagnen – recover various passwords from within Windows[…]

Hackers fear arms control pact makes exporting flaws illegal

The Wassenaar Arrangement, signed by 42 nations, can be implemented differently by each of these nations. Hackers are worried that exploits are controlled by these arms controls and will be punishable. Leaving 0-day exploits in the wild or unpublished is not good for IT security, as only the people who have them can use them Read more about Hackers fear arms control pact makes exporting flaws illegal[…]