Wednesday, November 19, 2014

First reported by Krebs ( http://krebsonsecurity.com/2014/10/banks-credit-card-breach-at-staples-stores/ ) back in October. If it takes this long to investigate and correct, it may be HUGE!
Mathew J. Schwartz reports:
Staples is now confirming that there was a malware-related breach, although it’s offering scant additional information. “We are continuing to investigate a data security incident involving an intrusion into some of our retail point-of-sale and computer systems,” Staples spokesman Mark Cautela tells Information Security Media Group. “We believe we have eradicated the malware used in the intrusion and have taken steps to further enhance the security of our network.”
To date, however, Staples has declined to say how many of its more than 2,000 stores in 26 countries – including 1,800 across the United States and Canada – may have been affected by the breaches. “The company is working with law enforcement and is investigating whether any retail transaction data may have been compromised,” Cautela says.
Read more on BankInfoSecurity.com.


If we offered this class, we would need to limit the number of police/DHS/NSA students or we'd never have room for my Ethical Hackers!
Cyber-Criminal Training Services for Sale in Brazilian Underground: Trend Micro
In a new report, Trend Micro describes a thriving marketplace where service providers offer to train customers to create remote access tools and commit bank fraud.
"What distinguishes the Brazilian underground from others is the fact that it also offers training services for cybercriminal wannabes," according to the whitepaper. "Cybercriminals in Brazil particularly offer FUD (fully undetectable) crypter programming and fraud training by selling how-to videos and providing support services via Skype. Anyone who is Internet savvy and has basic computing knowledge and skill can avail of training services to become cybercriminals. How-to videos and forums where they can exchange information with peers abound underground. Several trainers offer services as well. They even offer support when training ends."
The most popular course among aspiring cyber-criminals is related to bank fraud, the report notes. Beginners start by learning the fraud workflow and are then taught how to obtain the requisite tools and knowledge to start stealing for R$1,499 (US$579). The report also highlighted another 10-module fraud training course on "practically everything cybercriminal wannabes need to know to start their digital fraud career with the aid of interactive guides and practical exercises (e.g., simulating attacks) is also offered for R$1,200 (US$468).support and lifetime updates and can be contacted via Skype."
The paper can be viewed here.


Interesting reasoning.
Matt Reynolds reports:
Attorneys for the hunting group Safari Club International faced an uphill battle Monday in persuading the 9th Circuit to suppress a video that its former president used to support defamation claims against the group.
Read more on Courthouse News.
[From the article:
Noting that interruptions to the conversation by waiting staff reflected "usual" pauses in conversation, Judge Selna said there was "nothing in Whipple's body language to suggest he was attempting to maintain privacy."
"There is no indication that either Rudolph or Whipple regarded the conversation as confidential or took steps to conceal or limit the hearing of the conversation," Selna wrote in his Jan. 16, 2014 ruling.


This article from the digest looks at managing really Big Data that is not logically organized.
Twitter Completes Indexing All Tweets
Twitter has completed indexing all public tweets made since 2006. Twitter has published a long blog post detailing how they accomplished this, but all the average user needs to know is that search results will now contain tweets dating all the way back to the beginning of Twitter.
[From the Blog:
  • Scalability: The full index is more than 100 times larger than our real-time index and grows by several billion Tweets a week. Our fixed-size real-time index clusters are non-trivial to expand; adding capacity requires re-partitioning and significant operational overhead. We needed a system that expands in place gracefully.


Something to play with.
Apple's new WatchKit SDK hints at the future of Apple Watch's apps
Apple released a bevy of developer resources for the upcoming Apple Watch Tuesday.
The company released a WatchKit, documentation and guidelines for developers alongside the new iOS 8.2 SDK. The WatchKit page includes a Getting Started with WatchKit video outlining the new tools and how developers can build apps.
… You need to be a registered developer to download the tools, but anyone can read the Apple Watch Human Interface Guidelines, which outline the basics for designing for the Apple Watch.


Interesting, but for rookies – real winos drink all the whites, then all the reds.
Next Glass App Helps you Select the Perfect Drink
Ever wondered if there was a way to work out if you would like that particular bottle of red or white wine before you take a sip?
Well, the Next Glass app takes all the guess work out of it as it uses science to predict whether you will like a certain bottle of alcohol or not.
[My favorite: http://nextglass.co/beer-census/ I'm hoping for a “Send me a case” purchase option.


For the Gaming club. (and no, I don't think “Pummel the Professor” is a good game idea)
Learn To Develop Video Games For $49, 99% Off Regular Price
Have you always dreamed of building your own video games? With the rise of the indie game development scene, it’s easier than ever for a single person working on a game to actually get noticed, but of course, you need knowledge and skill to actually make your game ideas a reality.
That’s where this fantastic course bundle comes into play. It will allow you to go from zero to hero in game development, and for a limited time, you can get this massive bundle of game development tutorials for $49, which is 99% off the regular price of $989. Read on to find out exactly what you get in this crazy deal.
Intro To Game Design w/ Unity3D
Create Your First Computer Game with Stencyl
HTML5 Mobile Game Development for Beginners
Learn to Code by Building A Simplified Flappy Game for iOS 7
Create Your Own Match 3 Puzzle Game
Creating iOS Games For Beginners
Learn Android App Development From Scratch


As long as we're on the game theme...
Six Fun Games for Geography Awareness Week - And Tools To Make Your Own
This week is Geography Awareness Week. As always, National Geographic offers a collection of educational activities for the week.
Spacehopper is a game based on Google Maps Street View imagery
Smarty Pins is a Google Maps game develop by Google.
Where is...? the name of a city is presented to the players and they have to click the map to guess where the city is located.
GeoGuessr. GeoGuessr shows you a Google Street View image and a clue to try to guess where in the world the imagery was captured.
Capital Toss is a free geography game from ABCya.
Math Trail provides a nice blend of geography questions and math questions
You can create your own GeoGuessr games by using GeoSettr.
Mission Map Quest, developed by Russel Tarr, is a map-based tool for creating virtual treasure hunts.


Dilbert explains “trickle down” economics.

No comments: