
“Here I (we) go Again…”; GlobalCerts.net hacked August 27, 2012

Posted by Chris Mark in cybersecurity.

On this lovely Monday morning on the opening week of College Football (WAR EAGLE!)… I open with some classic Whitesnake and their awesome song from 1987: “Here I go Again”. It seemed appropriate since here ‘we’ go again with another hack and data compromise. According to Cyber War News, GlobalCerts.net was hacked and their data posted to Pastebin. According to the report, GlobalCerts.net’s web database was hacked and over 1000 clients’ data posted online by Anonymous. GlobalCerts.net’s website says the following about their website:

“GlobalCerts provides a comprehensive solution that meets a full range of secure messaging needs—including an automatic, transparent, inter-organizational secure messaging product, the SecureMail Gateway. GlobalCerts also offers a trusted, scalable, user friendly solution to overcome the hurdle obstructing many organizations from deploying a standards-based, secure messaging solution. SecureTier is a hands-off global, certificate management solution for key creation, discovery, and revocation. No other key distribution and discovery system is as effortless and efficient as GlobalCerts’ solution.”

Seems that GlobalCerts.net should practice what they preach 😉

“Wanna Bet?..Yup…Straight8 I wanna CombatBet!”…Now You Are Asking What the Hell? August 15, 2012

Posted by Chris Mark in Uncategorized.

So I just had an opportunity to catch up with an old Marine buddy named Jason. Jason owns Straight8 Photography. He is a retired Recon Marine and was an instructor with me at the Basic Reconnaissance Course in the late 1990s. As I am talking, he mentions that his wife owns CombatBet. I couldn’t believe it! CombatBet is the “new” challenge coin. For those unfamiliar, “challenge coins” have been around for years and are coins carried by people in units that identify their membership etc. (too much history to explain). Long and short, it sucks to carry 10 coins to hand out. They are also expensive and not super customizable. I have been handed a half dozen of these over the last couple of years and didn’t know who was behind them! If you are looking for either a great photo or some kick ass poker chips, you have to take a spin by Straight8 Photography or CombatBet.com… BTW… if the pic looks familiar it is Jason with his daughter and was in the scrolling credits of Act of Valor… courtesy of Straight8…

“Bow-Chicka-Bow-Wow!” – Privacy Failure of Photobucket Can Make You a Porn Star! August 13, 2012

Posted by Chris Mark in cybersecurity, Data Breach.

Those who like to use the popular photo sharing site Photobucket to share (ahem) “private” pictures may want to take action immediately. According to an article on CNN, a privacy flaw in the way Photobucket allows users to share photos resulted in hackers gaining access to numerous R-rated and even explicit photos of users. Photobucket allows users to share photos using direct links. This means that even if the user does not intend to share a photo, if a person can deduce the URL then the unencrypted file can be directly accessed. This is a hack known as “Fuscking” and it has been used to access numerous files.

“August 2012 TransactionWorld Magazine” – Chris & Heather Mark’s Articles August 13, 2012

Posted by Chris Mark in cybersecurity, Data Breach, Industry News.

Chris and Heather Mark both have articles in the August 2012 issue of TransactionWorld Magazine. Chris’ is titled “The Impact of the Fortress Mentality & Today’s Compliance Strategies”, while Heather’s is titled “After the Compromise; Security Incident Response and Mitigating the Damage”.

One note.  I apparently forgot to update my bio with the Editor in Chief so the article erroneously references me as the Executive Vice President of Data Security and Compliance for a payment processor.  You can visit Mark Consulting Group at the following: www.MarkConsultingGroup.com

“…our own policies were not followed…”; Apple and Amazon Hacks August 8, 2012

Posted by Chris Mark in Data Breach, InfoSec & Privacy.

This past week, tech writer Mat Honan (of Wired) had his Amazon and Apple accounts hacked and his “…digital life destroyed”. You can read his first-hand account here. The hacker did not use any special technology; rather, he was able to hack the accounts using basic social engineering and knowledge of how the systems worked. Here is a description of the hack from CNN.com:

“At the heart of his story is a dangerous blind spot between the identity verification systems used by Amazon and Apple, two of the tech industry’s most popular vendors.

Like many people, Honan has a variety of email addresses. Several of them can be easily tracked down by anyone hunting around online. The hacker who went after Honan found his @me.com address — a tip-off that Honan had an AppleID account.