As reported by Techradar, hackers related to MageCart compromised Macy’s online payment system early last month. MageCart consists of a loose group of hackers around the world that compromise primarily magneto payment systems. By inserting malicious code into Macy’s online payment page, they captured all payment card information needed to comprise user credit cards. They data … [Read more...]
Public VPNs Don’t Always Make You Any More Secure
Recent news on a compromised NordVPN server highlights a concern that when you want to use a public VPN, it doesn’t necessarily add any additional security. Some VPN providers want you to think that simply using a public VPN will make your connection perfectly secure, but this doesn’t hold true. While a compromised VPN connection allows hackers access to your Internet traffic, … [Read more...]
Statistical Analysis for Security and Elections
In a press release earlier this month, the Pennsylvania Department of State is adding additional security to their voting systems as part of a test, but not what you might expect. The program will use statistical analysis to review election results as a part of a “risk-limiting” audit . While normal election audits take significant time and money, a risk-limiting audit provides … [Read more...]
Russian Hackers Use Steganography to Bypass Antivirus
A recent article by zdnet explains how hackers have started using steganography to hide malicious code inside of audio .wav files. We know this type of evasion well, but there were other reports of this type of antivirus evasion published in the last few months, indicating increase use. The files can pass through many firewalls undetected since audio files aren't normally … [Read more...]
Big Healthcare Provider Unprepared For Ransomware Hit
As reported by Tuscaloosa News, the three hospitals in Alabama recently hit with ransomware failed in their security and their response to the incident. While we don't know about the surrounding circumstances, the hospitals did receive a decryption key to recover their data – a decryption key they likely received by paying the attacker’s ransom. Based off what we know, these … [Read more...]
