Category: hacks

Orvis data leak and the need to monitor ‘paste’ sites

Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…

Continue Reading

Something about (Japanese) foxes and hen houses

Not strictly a security story, but interesting and alarming… Japanese authorities have decided that: It is permissible to make contributions to politicians using cryptocurrencies like…

Continue Reading

Attack on encrypted PDFs exfiltrates clear text data

Here’s a quite clever hack… German security researchers have found a way to exfiltrate the contents of encrypted PDF files without breaking their encryption. Because…

Continue Reading

An example of a clear and concise incident report

This incident report from the Australian National University is definitely worth a read, both as an interesting look into the mechanics of a systems compromise…

Continue Reading

WordPress wants sites to eat their (patching) vegetables

Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress…

Continue Reading

So your third party has been breached…

Another day, another third party security compromise story… this time it is Indian outsourcing giant Wipro. The firm has confirmed that a small number of…

Continue Reading

Grindr and US national security

Here’s an interesting development…the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to sell its stake in gay…

Continue Reading

Bad biometrics: Samsung’s new S10 phone

When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of assurance for most types of…

Continue Reading

The (not paranoid enough) Android

The train wreck that is Android security continues… A new strain of malware by security firm Wandera found in China has the following charming characteristics,…

Continue Reading

Beware of mobile number port out scams!

I spend a lot of time telling people to use two factor authentication on their important web accounts.  This may explain why I don’t get…

Continue Reading