jump to navigation

Dear OPM – Thanks for exposing my data!…”Clean up your own backyard!” (Elvis) October 20, 2015

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , , , , , ,
add a comment

Let me start with Elvis’ “Clean up your own Backyard”

“Back porch preacher preaching at me
Acting like he wrote the golden rules
Shaking his fist and speeching at me
Shouting from his soap box like a fool
Come Sunday morning he’s lying in bed
With his eye all red, with the wine in his head
Wishing he was dead when he oughta be
Heading for Sunday school

Clean up your own backyard
Oh don’t you hand me none of your lines
Clean up your own backyard
You tend to your business, I’ll tend to mine”

menendezToday I received a letter from the United States Office of Personnel Management or OPM informing me that my personal data had been stolen in a data breach.  As a quick reminder the OPM was the victim of a major data breach in which over 22.4 million current and former federal workers and military members’ personal information was stolen by the Chinese Government although the Obama administration did not formally accuse Beijing.

The breach was finally disclosed by the OPM in June 2015 but started in March 2014. So what was stolen?  According to the report I received today…it included (ready for this)…1) Social Security Number 2) Full Name 3) Address 4) Education History 5) Employment History 6) Information on my dependents and close family and 7) my SF86 from when I applied for my security clearance…among other data. For those who are unaware..the SF86 is a 127 page document titled “Questionnaire for National Security Positions” that asks questions about every aspect of a person’s life to include 1) Friends’ names, 2) Emotional and Psychological health, 3) use of alcohol and drugs 4) financial issues 5) affiliations with groups and more!  This information is much more personal and sensitive than just a social security administration.

I find it amusing that within 2 days of Target notifying that they had been victimized by criminals who stole millions of credit card numbers that the “Honorable” Senator Menendez (D NJ) a sitting US Senator (and “back porch preacher” who is now under criminal indictment) would deride Target and ask whether the: “…FTC has the teeth to hold retailers who failed to protect consumers’ information accountable,” He then continued: “if a company doesn’t invest in security to ensure customer data can’t be stolen, “then you have to question why a company would not do that.” The Target CFO would be forced to APOLOGIZE to the US Congress for security ‘failures’ yet when the OPM is breached the US Government distances itself from any liability.  This is sine qua non for any action in which the Federal Government fails..they simply deny that they failed.  According to OPM spokesperson Samuel Shumach:  (more…)

Hillary Clinton’s Private Email Server Confirmed Hacked by the Chinese! (yes that was clickbait) September 30, 2015

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , , ,
add a comment

HackedUPDATE– Yesterday I posted this “article” to demonstrate just how easy it is to convince people to click on malicious links.  Even with the end of the article saying that it was a spoof, there were still ~25% of readers (24 out of the first 95) who clicked on the link.   The point was simply to demonstrate that social engineering is alive and well and very easy to conduct.  The idea that Hillary’s private email was ‘secure’ is a preposterous claim.  Thanks for everyone who read this.

While denying that there is any evidence of her private email server being hacked…The Secret Service just released a report that proves Hillary Clinton’s private email server was hacked repeatedly by China, Russia and Iran using a common “spear fishing method’ known as a ‘drive by infection’. This is a common method used by the Chinese, Russians, Iranians and others to initiate an Advanced Persistent Threat (APT) attack. Click here to read the official government report! (more…)

Lenovo caught (again) installing SpyWare and Malware on Computers! September 27, 2015

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , , , ,
add a comment

LenovoI just saw on TheHackerNews Security Blog on a link I picked up on LinkedIn.  If true (no reason to think it is not), this is truly bad business and shameful practices by Lenovo..AGAIN. Keep in mind that two years ago Lenovo (a Chinese company, BTW) was banned (Again..) from providing computers to the US Intelligence and defense services of  over spying issues.  They were first banned in 2006!  Then, in January 2015, Lenovo was caught…ONCE AGAIN..installing SuperFish malware onto refurbished laptops.  SuperFish has a serious vulnerability which makes it vulnerable to Man in The Middle Attacks (MitM).  Now, according to TheHackerNews Lenovo  was caught in August installing a rootkit into their computers.  This rootkit, known as the Lenovo Sevice Engine (LSE) installs into the BIOS on the computer.  According to TheHackerNews:

So what does this really mean for you…the consumer?  If you want to buy a Lenovo I would only ask that you email me as I have a great bridge for sale in Utah and would love to introduce you to some Ukrainian friends who love to give high interest loans.  Honestly, if you are going to buy a Lenovo after reading this, you probably deserve what you get.  I can tell you that I would never own a Lenovo again (had one in the 1990’s).  Fool me once…shame on you…fool me twice shame on me…fool me a third time?  Seriously?

%d bloggers like this: