MAC Getting Thier Share???

FireEye has reveiled a vunerabliltiy Masque attack for iOS and MAC OS x sytems.

In short a APP can be replaced by another APP allowing a local data breach.

iOS 9 does not allow details about the previously install APPs and could create more at

breaches.

Apple has yet to  respond!!

Still by leaps and bounds Apple products are more secure than Windows

More information can be located at:
http://www.technewsworld.com/story/81342.html

FBI demands new powers to hack into computers and carry out surveillance

FBI wants access and power to hack and carry out surveillance on computers throughout the world.

Civil protested have ensued to debate this effort .

Can you see that hacking comes with costs, what costs is the US willing to pay.

Rules and rights govern us, What happens when we are like the bad guys

fighting evil at the expense of being evil?

More information can be found at:

http://www.theguardian.com/us-news/2014/oct/29/fbi-powers-hacking-computers-surveillance

Chinese Officials Kick In Apple, MS Cloud Doors

"The Great Firewall of China implemented the MITM attack on iCloud using a self-signed certificate.

The attack targets only one IP address: 23.59.94.46, which means not all users in China would be affected."

This attack was focused on this one address and in the article it stated that it might of been a test for future attacks.

The cloud takes huge risks on publising data. Apple and Microsoft need to address the security of the cloud. For faith and trust the data will not be compromised users and compaines should take caution on using the cloud for major software applications.

More information at:

http://www.technewsworld.com/story/81229.html

China steals confidential data on the vulnerabilities of major U.S. dams

China steals confidential data on the vulnerabilities of major U.S. dams

National Inventory of Dams(NID) contains critical information on the vulnerabilities of the roughly 8,100 major dams in the United States.

How do you destroy a Nation? Bit by Bit, this venerability information can bring devistation to the nations infrastructure. These breaches need to be stopped and all dams and criticle infrastructure should have Top Secret clearances to stop infiltration from within.

My thoughts are wake up America!

 More at:

http://www.homelandsecuritynewswire.com/dr20141024-china-steals-confidential-data-on-the-vulnerabilities-of-major-u-s-dams

Poodle SSL 3.0 Attack

Poodle SSL 3.0 Attack

SSL 3.0 Has security holes according to the  Google team that affects all the major browsers.

The write up states "is really a critical threat because it is used by both websites and Web browsers and will remain critical as long as SSL 3.0 is supported."

How are they to fix this? this is yet to be seen.

The basic concept is that " in the decade old but still widely used Secure Sockets Layer (SSL) 3.0 cryptographic protocol that could allow an attacker to decrypt contents of encrypted connections to websites."

This could allow sensitive data to be exploited and used.

More information can be seen at:

http://thehackernews.com/2014/10/poodle-ssl-30-attack-exploits-widely_14.html

Kmart Says Card Data Stolen in Latest Retail Cyber Hack

“According to the security experts Kmart has been working with, the Kmart store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems,” the company said. “Kmart was able to quickly remove the malware. However, Kmart believes certain debit and credit card numbers have been compromised.”

Kmart stated that they cant find evidence that personal data was stolen thus far. 

This kind of breach is new accourding to Kmart and the normal malware and anti-systems did not catch the breach.

Hackers are changing in my view and they know and anticipate security moves.

Kinda scary?

Read more at 

http://www.bloomberg.com/news/2014-10-10/sears-s-kmart-says-hackers-stole-payment-card-data-in-attack.html

JP Morgan reveals data breach affected 76 million households

Does the hacking ever stop? It would seem that JP Morgan was hacked and stated the nothing was stolen. The claim was the hackers had access to the root level of 90 server and nothing was stollen?

Simple hard to believe!!!!!!!

Have you ever heard of such a thing? I think JP is hiding something.

If you are a criminal you gain access for a reason,

JP might be telling the truth but I think something is missing.

Read the article at:
http://www.usatoday.com/story/tech/2014/10/02/jp-morgan-security-breach/16590689/

Jimmy Jones Hacked

This new report from Jimmy Jones states from

"Signature Systems Inc., the point-of-sale vendor blamed for a credit and debit card breach involving some 216 Jimmy John’s sandwich shop locations, now says the breach also may have jeopardized customer card numbers at nearly 100 other independent restaurants across the country that use its products."

Also said that
"That hackers had installed card-stealing malware on cash registers at some of its store locations. Jimmy John’s"

Most the problem in this breach could of been stopped if proper procedures and testing occurred be the installation of the product. Signature System will be facing fines for installing the product that was not approved.

More information can be found at http://krebsonsecurity.com/

US House Approves New Law to Discourage Trade Secret Theft

This move by the House is to help protect companies from IP attacks and allow them to seek civil penalties.

 It was stated, “They said that US trade secrets – worth $5 trillion in 2009 – have become more vulnerable to theft as a result of the globalized economy.”

These lawmakers are overwhelmed by the constant attack by the Chinese on use compies and governments. 

Laws like this are to help deter internal secret sharing

More can be read at:

http://www.infosecurity-magazine.com/news/us-house-approve-law-discourage-ip-1/

Entire database exposed at eBay

"eBay's database of names, phone numbers, encrypted passwords, email addresses, physical addresses, and dates of birth was compromised in late February and early March, 2014."

Is seems that EBay is gone asleep. This article says that he believe big corporation heads are all old or "White Heads" as he calls them. They live in the dark ages and don't take the threat serious enough.  This made me laugh!!

Here is the link
http://www.cnet.com/pictures/the-credit-card-data-breaches-retailers/7/

Home Depot Hacked

How many times can this happen? It would seem that hacking has become a full time job for some.

CNN has create a application that you can select and see what information has been share to the

hacker.  Take a look  http://money.cnn.com/interactive/technology/what-do-hackers-have-on-you/

My First Info Security Blog

Test Post for Information Security. This is my first post on a blog. Information Security is to me a big part of software. Without it our information would be scattered and used against us.