Security – Page 2 – Ian's blog

Advanced Auto Parts Loose 56,000 credit cards

So I wonder if this means I will have my other credit card reissued.
Advanced Auto Parts Loose 56,000 credit cards. I found this, it looks like I am ok, the only VA store listed in in Richmond.

This explains why we just got new credit cards

Hannaford loose 4.2 Million credit cards. We stopped there on the way back from Killington to grab some beer. I think every credit card I have has been replaced with a new number in the last 2 years.

Hacking memory after a reboot

Cnet has a very interesting story about being able to reboot a computer, extract the memory and then find the encryption key for apples file vault.

I heard on the radio this morning that two servers were found by the trash and was kind of shocked. My first reaction is how can anyone miss to servers, if they contain current information then they are probably in use so someone would notice them going offline. Then I read the Washington Post Article. According to the DC Tax office the machines haven’t been used for 5 years, which makes me feel a little better, but it will be interesting to see what is currently on the servers, my guess is that they were sold off as surplus and have been used somewhere else for the last 5 years until the current owners decided they weren’t worth the power to keep them running and junked them. What I am really hoping is that the machines were truly wiped before being retired by the DC tax office. I know that very few companies have a good asset retirement policies.

Loose lithium batteries can nolonger be checked

This is a new one on me, According to the Washington Post you can no longer pack loose lithium batteries in checked luggage.

To help reduce the risk of fires, air travelers will no longer be able to pack loose lithium batteries in checked luggage beginning Jan. 1, the Transportation Department said Friday.

If packed in plastic bags, batteries may be in carryon baggage. The limit is two batteries per passenger.

Mmm so does this mean I am allowed to check a lithium if it is still in its original packaging?

The more they make it more difficult to fly the more I wish the US had a reasonable train system or god forbid actually wanting to drive instead.

How to capture a machine, while powered on

Ever wanted to move a computer with the power still on.

https://www.wiebetech.com/products/HotPlug.php

This allows you to plug the box into a power strip, unplug the power strip from the wall, then move the computer while it is still on.

Input Validation

Should ISPs be policing their users

Interesting article in the register about the need for ISPs to police their users in the light of the number of people infected with malware and botnet clients.

Monster.com Compromised

The Register is reporting on a blog entry at Symantec about a host they found logging into monster.com using stolen recruiter credentials. The application then dumps presonal data such as name, surname, email address, home address, phone numbers to a report server controlled by the attackers.

I saw new spam today that is asking you to log into a recruiting database. I deleted them before investigating further. Perhaps they are realted?

Security Video

This was featured on Bruce’s blog. It talks about why you need defense in depth in an IT Security world. They also have some second life footage to illustrate the examples.

I think I like the dancing kilt guy the best.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Category: Security