McDonald's had an applicant data leak, for a ridiculous Spaceballs reason

Jul. 18th, 2025 10:22 am
thewayne: (Default)
McD's hired a company called Paradox.AI to run an "AI" chatbot to conduct hiring interviews for its restaurants. Pretty basic stuff. I'm a little unclear as to how much of the application/interview/hiring process Paradox was responsible for, but it at least conducted an online interview with the applicants.

There was a recent data spill from Paradox that exposed "64 million records, including applicants’ names, email addresses and phone numbers." That's a lot of records. Then again, McDonald's has a lot of locations and high turnover.

Security researchers were able to get in to McDonald's access portal by guessing their password. Said password?

1
2
3
4
5
6.

I guess I'd better change the combination on my luggage.

https://krebsonsecurity.com/2025/07/poor-passwords-tattle-on-ai-hiring-bot-maker-paradox-ai/


The most common passwords for 2025, thus far, are:

123456
123456789
qwerty
password
12345
12345678
111111
1234567
123123
1234567890

https://www.passwordmanager.com/most-common-passwords-latest-statistics/


Now, here's the ridiculous part: it would be pretty trivial for the programmers at Paradox to BLOCK THE USE OF PASSWORDS LIKE THIS! These are common patterns, and it would be easy to test the password and say "NO! You have to use a good password!" There are APIs that enforce good password measures, and clearly they are not using them.

Paradox should be black-listed as a company not to do business with if they allow passwords like this.

Oh, and other Paradox clients? Several Fortune 500 corps including Aramark, Lockheed Martin, Lowes, and Pepsi.
Tags:
  • Add Memory
  • Share This Entry

PATCH WINDOWS 10 COMPUTERS NOW!!!!

Sep. 11th, 2024 08:49 am
thewayne: (Default)
So first a little talk about version numbers. Programs are written with version numbers, which lets the company keep track of the source code that produced it. This lets them patch specific versions and proceed from known good points and also bring problematic code into the known good version. These numbers are incremented as the code continues to be written. I'm not going to provide examples of what version numbers look like as they vary from company to company.

I don't understand it completely, but something got screwed up with Microsoft's version numbers, some sort of crossover happened and the net result is that several programs went unpatched for several months this year. Thus, today's patch dump updates a lot of stuff going back literal months. And this stuff has been exploited, so this is important! The Krebs article has more information as to what programs were affected by this problem.

There are also updates for Windows 11, Krebs does not mention any exploits going on for that OS.

Also, Adobe patched their core products, but say that there were no known exploits going on.

https://krebsonsecurity.com/2024/09/bug-left-some-windows-pcs-dangerously-unpatched/
Tags:
  • Add Memory
  • Share This Entry

Sextortion spam emails now include a pic of what might be your house

Sep. 4th, 2024 09:41 am
thewayne: (Default)
*sigh*

Sextortion spam isn't new. "I've implanted spyware on your device and I have video of you watching dirty videos and doing unspeakable things! Pay me a bitcoin or I'll send it to everyone on your contact list!" sort of stuff.

Well, they've upped their game a bit with the recent massive data leaks. They're now correlating email addresses to leaked passwords - which are sometimes included - and tying to Google Street View for a photo of your house, cropped with AI to remove watermarks.

According to the comments, they're not very accurate with the geolocation and frequently get a neighbor's house, or in the case of Mike Rowe's parents (the dude from Dirty Jobs), trying to target a 91-y/o.

You can report incidents of this if you're repeatedly targeted to the FBI.

https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/
Tags:
  • Add Memory
  • Share This Entry

Man who hacked Finish psychotherapy center then extorted patients sentenced to 6+ years in prison

May. 1st, 2024 10:24 pm
thewayne: (Default)
I've posted about this guy before. When he wasn't able to get a good enough return from the therapy center for hacking them and stealing the files, he started trying to extort the patients to prevent their therapy records from being made public. He was finally convicted and received six years, three months in prison. Prosecution wanted a minimum of seven years, however he will be paying restitution and he will be held in prison while he goes through the appeals process, so they're satisfied.

https://krebsonsecurity.com/2024/04/man-who-mass-extorted-psychotherapy-patients-gets-six-years/
Tags:
  • Add Memory
  • Share This Entry

The Big Three Wireless Carriers slapped with $140 million in fines for selling location data

Apr. 30th, 2024 09:55 am
thewayne: (Default)
They were caught selling, without permission, the constant location data of you, me, everyone in the USA with a mobile phone to aggregators who then sold it on to more people, again, without our permission.

From the article: "The FCC’s findings against AT&T, for example, show that AT&T sold customer location data directly or indirectly to at least 88 third-party entities. The FCC found Verizon sold access to customer location data (indirectly or directly) to 67 third-party entities. Location data for Sprint customers found its way to 86 third-party entities, and to 75 third-parties in the case of T-Mobile customers." Note that the discovery and scope of the investigation was before and during the T-Mobile/Sprint merger.

SO. Let's break this down. Krebs provides a link to the FCC web site that lists the formal announcement of the fines. In which, it includes the specific breakdown per carrier. In this case, Verizon, my carrier, was fined almost $47 million dollars US.

I asked Microsoft's Bing AI Co-Pilot to do a little math for me.

In 2023, Verizon Wireless reported net profit of $76.7 billion dollars US. I wanted to know how long it would take, in seconds, for Verizon to make that much money. Now, this is net profit. Here's Bing's response:

... it would take Verizon Wireless approximately 18,879 seconds (or about 5 hours and 14 minutes) to earn $46 million from their annual revenue of $76.7 billion

Five and a quarter hours. That's 1/32nd of a WEEK. An utterly insignificant rounding error.

The percentage of the fine versus 2023 gross profit? 0.058% One-seventeenth of ONE PERCENT of their profit. There's a reason why it's called gross profit.

Oh, and just how much was their gross profit? $79.087 billion USD. So it cost them $3 billion in people, equipment, trucks, tower rentals, FCC airwave licenses, etc. to generate $76bUSD in net profit. I should take a look at their stock ticker over the last few years, I expect it ain't going down.

I'm in the wrong line of work.

https://krebsonsecurity.com/2024/04/fcc-fines-major-u-s-wireless-carriers-for-selling-customer-location-data/
Tags:
  • Add Memory
  • Share This Entry

"MFA Bombing" Attack in active use against iPhone users

Mar. 27th, 2024 08:28 am
thewayne: (Default)
This is being thrown against high-value targets: AI startup owners, cryptocurrency fund managers, computer security consultants, etc. The odds of this being targeted against average shlubs is quite low as it requires some resources to be deployed, but that doesn't mean it can't happen. Regardless, it's always good to be aware.

In this case, MFA stands for multi-factor authentication. When you sign on to iCloud on a PC and it sends a six-digit number to your phone to authenticate in your PC browser, that's MFA.

What this attack is doing is flooding the target with dozens and dozens of Reset Password notification messages, exploiting a rate limit flaw. By rate limit, we mean limiting how many messages of a specific type that can be sent within a certain time frame. Normally if you (the account owner) request a password reset, a reasonable rate limit would be a message every 15-30 seconds, not more often than that. You wouldn't allow a flood of messages. These particular crooks have found a way to induce a flood.

The result is the classic Allow/Deny result. Clicking Deny gets you another message. Clicking Allow is not catastrophic, it pops up the MFA number entry screen. Eventually you get a call from "Apple Support" with the correct (spoofed) phone number, and they'll be able to verify pretty much all your information, because they've bought it from a data broker - one of the resources they have to deploy, which is why it's more of a targeted attack than a wide-spread one.

And this is the biggest giveaway - Apple Support will NEVER call you, unless YOU initiate a support call for them to call you back!

The only way to truly block this attack at the moment is to change the phone number, and we all know what a PITA that would be! I suppose you could temporarily buy a burner phone, change the outgoing message on your prime phone to say 'This number is temporarily out of service, if you need to contact me, drop me an email and I'll call you back' and notify your true emergency contacts and employment contacts.

It's believed Apple will be looking at fixing the rate limit that's allowing this bombing attack to take place, but Apple is typically pretty tight-lipped about these things.

The article is an interesting read to see what people are going through right now.

In a way, what this is is a moderately sophisticated social engineering attack with a good amount of resources behind it. And if the victim falls for it and enters the reset code, they've surrendered the keys to their iCloud account to the criminals and potentially can see ALL their devices wiped and reset: phone, watch, iPad, laptops. But not before the information is sucked out of them.

https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
Tags:
  • Add Memory
  • Share This Entry

A Canadian man get sucked into an ecommerce triangle of fraud

Jan. 20th, 2024 11:13 am
thewayne: (Default)
I had never heard of this, apparently it's been going on for some time.

The man, Tim, worked for a First Nations tribe in Alberta as a buyer. It was almost the end of the fiscal year and they needed to spend some money before the year was out, so he and another work partner ordered $2,000 worth of children's playground stuff off of Amazon.

Then things got weird.

Shortly after placing the order, he gets contacted by a woman in Ontario, accusing him of hacking her Walmart card and ordering this gear. Which he had not done.

Then the Royal Canadian Mounted Police get involved and tell him he needs to come down to the station and answer some questions pertaining to an investigation. Which he says he'd be happy to do. He provides printouts of the orders in question, showing HIS credit cards, etc. And then he's threatened with arrest, his wife is harassed by the RCMP, and he is ultimately arrested. Because of the arrest, he loses his job.

The equipment arrives at his house with an additional oddity: a phone number in Mexico.

Here's what happened. An expert in "search engine optimization" in Turkey apparently stole the woman's credit card, or may have bought it from one of the numerous black market exchanges where you can buy such. He placed an ad on Amazon, where Tim bought the gear from him. The Turkey turkey never owned the equipment. He buys the gear from Walmart, using the stolen credit card, has it shipped to Tim. I have no idea where the Mexico phone number came into play, perhaps another layer of money laundering?

And Tim gets charged with a money fraud charge and can't get a job. Apparently in Canada, being charged with a crime - but not having been convicted - is enough to really mess with your employment opportunities.

Tim had a court date, but the Crown prosecution services decided to issue a stay on the case and defer prosecution, saying we're not going to prosecute at this time, but might at a later date. Apparently they have one year to bring the case back to trial, during which Tim is left hanging in limbo. Commentors on the Krebs article said it is likely that the case will be dismissed at the end of the year period, I don't know if this will erase the arrest mark on Tim's record.

Tim did nothing wrong, except getting caught in a fraud scheme. So be very careful buying things on Amazon if it is not 'Shipped by Amazon'.

*sigh*

https://krebsonsecurity.com/2024/01/canadian-man-stuck-in-triangle-of-e-commerce-fraud/
Tags:
  • Add Memory
  • Share This Entry

Trial commences in Finland for 26 y/o who allegedly blackmailed psychotherapy patients

Nov. 26th, 2023 01:38 am
thewayne: (Default)
The twerp hacked Vastaamo Psychotherapy Center and stole all their patient files, which included notes taken during therapy sessions. The center refused to pay a six-figure ransom, so he switched to trying to extort the individual patients for 500 Euro each. That didn't prove a revenue generator either, so he dumped all the files on a dark web site. This was October 2020.

In February 2023 he was arrested by French police when the man, 6'3" and green-eyed, presented Romanian identification which proved false. His attorneys asked for his release during the trial as he had already been jailed for eight months. The judge declared that he was still a flight risk and ordered him held for the duration of the trial.

https://krebsonsecurity.com/2023/11/alleged-extortioner-of-psychotherapy-patients-faces-trial/
Tags:
  • Add Memory
  • Share This Entry

Sacramento, California sheriff is sharing license plate data with states that ban abortion

Nov. 1st, 2023 08:59 pm
thewayne: (Default)
Sacramento is probably not the only one doing this, but it's one that we know about. Several law enforcement agencies sell ALPR information (automatic license plate readers) to most anyone who wants it, and in some cases, it goes to states who claim it's illegal to travel out of state for an abortion!

Of course, if you fly, you won't be driving your car. Or if you do drive, spend the night at a hotel and take a cab. Don't drive your own car to the clinic.

I hate ALPRs. I first saw one in Texas at a mall. A police car was doing a very slow crawl through the parking lot, and when he passed, I saw the cameras mounted on his car. Makes me want to install some infrared LEDs in my license plate frame that will bloom-out the ALPR cameras. It's one thing when they're "looking for stolen vehicles", but when that information is being kept pretty much indefinitely - as it usually is - stitching a car's whereabouts by time stamp can reveal a HUGE amount of information about a person.

https://news.yahoo.com/sacramento-sheriff-sharing-license-plate-133000119.html
Tags:
  • Add Memory
  • Share This Entry

If you receive any emails or texts with links ending in .US, BEWARE!

Nov. 1st, 2023 08:36 pm
thewayne: (Default)
Nominally, the .US top level domain is owned by the U.S. government. However, they contracted out the management of it. And it was then subcontracted out, etc. And now it's being controlled by a bunch of crooks who are doing domain shortening for a bunch of low-lifes who are using it for pfishing, credential theft, etc.

Domain shortening is when you see something like goo.gl/xyzabc. Google takes xyzabc and expands it to a much longer domain, the problem is that you can't see if it's a safe domain in the shortened version! Can you say security risk? I knew you could! The .US is pretty much not at all in use by the U.S. government, and anything critical sent to you by the government, such as an IRS notice, is going to come by the U.S. mail anyway.

https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/
Tags:
  • Add Memory
  • Share This Entry

NJ man gets 13 years in prison in Violence-as-a-service scheme

Oct. 23rd, 2023 08:25 am
thewayne: (Default)
Along the lines of third-party SWATting or calling in bomb threats for friends to get people out of tests, a year ago we saw a few incidents of Violence-as-a-Service. In this particular case, this asshole hired himself out to go to people's homes and literally crash a car into them, throw Molotov cocktails at them, or discharge firearms into them. For money. Then post videos of him doing these acts on to Telegram channels and brag about the acts.

In the words of Jay and Silent Bob, 'Bunch of savages in this town, Silent Bob.'

At least this guy will have a long time to reflect on how much of an idiot he is.

https://krebsonsecurity.com/2023/10/nj-man-hired-online-to-firebomb-shoot-at-homes-gets-13-years-in-prison/
Tags:
  • Add Memory
  • Share This Entry

Network security device maker tells customers to REPLACE their devices after malware attack!

Jun. 9th, 2023 09:18 am
thewayne: (Default)
It was noticed that Barracuda Email Security Gateways (ESGs) were spewing forth a lot of malware. And Barracuda says the devices CANNOT BE PATCHED AND MUST BE DECOMMISIONED AND REMOVED FROM SERVICE.

A little technical lesson. Company/corporate networks have a single point of contact (for the sake of discussion) with the internet. At this point there is a firewall, which is a security device that scans all traffic coming in for attacks and going out for attempts to exfiltrate corporate secrets (well, at big companies they look for exfiltration attempts). There are also ESGs which try to block attempts from bag guys to send malware through corrupted email attachments and again, prevent exfiltration of corporate secrets through sending out cost sheets through email, etc.

Somehow bad guys have compromised Barracuda's ESG to such a level that they have no confidence that this malware can be removed! Now things get interesting. If you read the Krebs article linked below, one security professional believes this is the work of a 'State Actor', meaning a nation. Common computer criminals want fast results, and have the software exploits to get those results. State actors want long-term results without detection. This malware has been in place since OCTOBER OF LAST YEAR.

I've previously posted about the UEFI hack where an exploit goes into the boot system of a computer. Well, an ESG is a computer, though not a general purpose computer like I'm writing on or you're reading this with. But it has a boot system and a CPU and it's programmable, it's just programmed to do a specific task and it's updateable. Thing is, it probably uses bog-standard CPUs since it's easy to find engineers who know how to write code for them, even if the code is quite specialized - these things don't run Windows! But they do have a CPU and they do have to boot up, so there's an opportunity to exploit, and someone found a way.

Now, here's my thought. The Krebs article says that there are 11,000 of Barracuda's ESG devices in use right now. If I am an IT manager, and I have one or more of these devices in use, and I'm suddenly told that I have to replace ALL of them RIGHT NOW, is Barracuda going to be my automatic first choice for another ESG? They just cost me a LOT of money, and caused me a lot of trouble because guaranteed most of the people are going to be caught having to replace this gear outside of their scheduled replacement cycle (when corps can, things like this are budgeted and scheduled on approx a 3-5 year replacement cycle).

This is really going to hurt Barracuda's long-term financials. It wouldn't surprise me if they take a serious dive and are gobbled up by Cisco or someone else within the next 3-5 years.

https://krebsonsecurity.com/2023/06/barracuda-urges-replacing-not-patching-its-email-security-gateways/
Tags:
  • Add Memory
  • Share This Entry

UK police set up fake DDoS sites!

Mar. 29th, 2023 10:16 am
thewayne: (Default)
Term: DDoS. Stands for Distributed Denial of Service, used to be the first D wasn't there. You get a bot net of compromised computers and servers (they've unknowingly downloaded malware that give the baddies remote control of the computer without the owner knowing it) to target one IP address or web site and bombard it with connection requests, which makes it unable to handle legitimate requests and proverbially crushes the target, making it unusable. Frequently used as a blackmail tool.

The UK National Crime Agency (NCA) has been setting up fake DDoS sites. These are also known as Booter or Stresser sites. Booter meaning it boots everyone off the site when the attack hits, Stresser because they try to claim they're providing a service for people to see how robust their hardware is under heavy load. When people register for the site, they receive a proverbial knock on the door of their email in the form of an email that says (my words) "Hello, we're the police. What you signed up to do is a crime, and we're collecting your information. If you're not in the UK, we're sending your information to the nation in which you live. Have a nice day."

Now, this isn't going to stop a serious jerk as they're going to be using disposable email addresses, a VPN and multiple proxy services to hide their identity and location. But it will stop casual tricksters trying to impress their friends and the like. And it will make it a bit more difficult for serious jerks to find new DDoS services.

https://krebsonsecurity.com/2023/03/uk-sets-up-fake-booter-sites-to-muddy-ddos-market/
Tags:
  • Add Memory
  • Share This Entry

Why you should opt out of sharing data with your mobile provider

Mar. 22nd, 2023 06:22 pm
thewayne: (Default)
An excellent article on how your private data gets shared and what you can do about it.

The WHY you should is pretty simple: 9 million AT&T customers were compromised in a hack at an advertising affiliate, T-Mobile has had 70 million accounts compromised in the last decade or so, etc.

These data breeches are so common as to be ridiculous. And that information can be used against you in possible fraud schemes. As an article that I posted recently said, Americans lost a record amount to fraud schemes in 2022, and breeches like these help fuel said schemes.

The article explains how to opt-OUT of data sharing for the Big Three: AT&T, Verizon, and T-Mobile.

https://krebsonsecurity.com/2023/03/why-you-should-opt-out-of-sharing-data-with-your-mobile-provider/
Tags:
  • Add Memory
  • Share This Entry

Finland's most wanted hacker arrested in France!

Feb. 7th, 2023 09:25 am
thewayne: (Default)
Amongst your first thoughts might have been along the line of 'Finnish hacker? Who cares!' Oh, just read on! Almost guaranteed laugh to come.

This is a great story. So this dweeb did all the usual horrible stuff: DDoSes, SWATting, breaking into corporate computers and such. His gang had an exploit that let them get into servers running Cold Fusion, and that got them into some places they probably shouldn't have gotten in to because it brought high level attention to his activities.. And then he did a VERY bad thing.

He broke into a Finnish psychotherapy practice and stole patient treatment records. Stuff that is considered utmost sacrosanct - notes between a therapist and their patients.

He threatened to dump them on the dark web if the practice didn't pay a ransom demand. They didn't pay. He actually went and published them. The ransom demand was in six figures. After the practice stopped talking to him, he tried extorting individual patients for 500 Euros. He apparently didn't have any luck with that, and then released the records.

Except he had one very major operational security fail. Somehow he screwed up and included his computer's HOME DIRECTORY IN THE DUMP!

Oops. Major faux pas.

This gave investigators all sorts of information on him concerning not only him personally, but additional crimes that he'd committed and the tools that he had used.

He was arrested Friday morning around 7am when "authorities in Courbevoie responded to a domestic violence report". He'd been out drinking, brought a woman home, they got into a fight, neighbors called the cops. A roommate or someone let the police in and found him sleeping. When they woke him and asked him for ID, he claimed to be Romanian. Police were "Yeah, pull the other one, it's got bells on it" and started pulling up photos of foreign criminals that were wanted, and found out who he was.

He had previously been convicted in court of FIFTY THOUSAND cybercrimes, but as he was 17 at the time, he was given a two year suspended sentence and had to pay 6500 Euros in restitution.

He's been on the run since October of last year after failing to show up for a court appearance and was charged in absentia. For some reason I don't think a two year suspended sentence is in his future, perhaps something a bit more stiff.

https://krebsonsecurity.com/2023/02/finlands-most-wanted-hacker-nabbed-in-france/
Tags:
  • Add Memory
  • Share This Entry

Two stains on society soon to be paying a debt to society: hack Ring doorbell cam to record Swatting

Dec. 20th, 2022 12:18 pm
thewayne: (Default)
Remember that Violence As A Service article that I posted a while back? This is a direct offshoot of that. One of these stains is a "L337 hax0r" who stole over $300,000 in crypto currency via cell phone sim swapping. These twits would hack Yahoo Mail accounts, then see if that same password would unlock a Ring account. If it did, they were gold - goes to show that it's important to use different passwords for different accounts, especially important ones, and critical when privacy issues are at stake!

Then these stains would SWAT the victims, recording and live-streaming the victims. Fortunately no physical injuries were reported from the incidents, though emotional trauma I'm sure was received.

Have fun in prison, ass-wipes!

https://krebsonsecurity.com/2022/12/hacked-ring-cams-used-to-record-swatting-victims/
Tags:
  • Add Memory
  • Share This Entry

Let's talk some more about the joy of cryptocurrency and cybercrime

Sep. 23rd, 2022 01:23 pm
thewayne: (Default)
Last month, Amazon lost control of 256 IP addresses for three hours due to BGP security flaws. This enabled cybercrooks to take over credentialing authentication and steal $234,000 in cryptocurrency from an exchange called Celer Bridge. 32 accounts were victimized.

https://arstechnica.com/information-technology/2022/09/how-3-hours-of-inaction-from-amazon-cost-cryptocurrency-holders-235000/


In the UK, three men were arrested after a community resident reported suspicious activity. Found in their car was a fake police uniform, an imitation firearm, a real taser and baseball bat. Their intent: "...pay a surprise visit to a 19-year-old hacker known by the handles “Discoli,” “Disco Dog,” and “Chinese.” In December 2020, Discoli took credit for hacking and leaking the user database for OGUsers, a forum overrun with people looking to buy, sell and trade access to compromised social media accounts."

Discoli happened to be not at home, and the thugs were so obvious about not being police that they fled and got the real police notified.

Impersonating police and that fake firearm is really going to ratchet up the sentencing.

https://krebsonsecurity.com/2022/09/botched-crypto-mugging-lands-three-u-k-men-in-jail/


"A Florida teenager who served as a lackey for a cybercriminal group that specializes in cryptocurrency thefts was beaten and kidnapped last week by a rival cybercrime gang. The teen’s captives held guns to his head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life. The youth is now reportedly cooperating with U.S. federal investigators, who are responding to an alarming number of reports of physical violence tied to certain online crime communities."

Kidnapped, beaten, and forced to record a video begging for $200,000 with two pistols pressed against his head. Florida.

https://krebsonsecurity.com/2022/09/sim-swapper-abducted-beaten-held-for-200k-ransom/
Tags:
  • Add Memory
  • Share This Entry

The latest on ATM card skimmer tech

Sep. 15th, 2022 08:56 am
thewayne: (Default)
Good ol' Brian Krebs. In New York City, NCR and an unnamed financial institution have uncovered the latest generation in card skimmers. A card skimmer is a custom-made device that credit card thieves insert into AMERICAN ATMs (this is almost 100% an American problem because we won't get rid of the stupid magnetic strip and go to entirely chip-based cards) that has a strip reader and is inserted into the card reading slot of the ATM, so that when you insert your card into the machine, it captures the data on your bank card. A very cleverly-disguised card then captures your PIN that you almost never cover when you enter it. It's all stored in memory, then the thieves come by later with a Bluetooth transceiver, beam a code to the device, and it spews all the captured data back to them and clears itself.

These have been around for years and are most commonly found at stand-alone ATMs and at gas pumps. So what is new about this?

IT IS 0.68 MILLIMETERS THICK!

That is some pretty impressive engineering and manufacturing to make a skimmer that thin! To give you a comparison, your bank card is approximately 0.54mm thick.

NCR has some countermeasures to improve detection of these skimmers, but the best thing as always is to simply cover your hand when entering your PIN.

https://krebsonsecurity.com/2022/09/say-hello-to-crazy-thin-deep-insert-atm-skimmers/
Tags:
  • Add Memory
  • Share This Entry

Remember the Norton Cryptominer I wrote about last week? The story continues....

Jan. 10th, 2022 09:12 am
thewayne: (Default)
Symantec 360, owned by the somewhat dubious NortonLifeLock installs a cryptominer for Ethereum and takes 15% off the top. Let's face it: that's a great business model for NLL! Free money for people who aren't smart enough to install their own miner or who just don't care!

Well, they didn't stop there.

There's a German anti-virus package called Avira that is or was available for free. They were acquired by NortonLifeLock. And now 500,000,000 Avira users are having a cryptominer being pushed on them by NLL to mine Ethereum - complete with the 15% shaved off the top back to their corporate overlord NortonLifeLock.

It's good to be the king! Or at least the corporation controlling your software!

Personally, for the PC I recommend Zone Alarm Pro. Very solid software that I've used for years, does a good job with firewall replacing Microsoft's and also with anti-virus and anti-malware. And they sell a package that lets you install it on multiple PCs for what I consider a reasonable price - I pay for my gaming laptop and my dad's rig in Phoenix.

https://krebsonsecurity.com/2022/01/500m-avira-antivirus-users-introduced-to-cryptomining/
Tags:
  • Add Memory
  • Share This Entry

Do you like Norton Utilities? Do you like your PC mining for crypto?

Jan. 7th, 2022 08:50 am
thewayne: (Default)
Norton bought LifeLock and is now Norton Lifelock, and now their Norton 360 product bundles an Ethereum cryptominer in their software!

And Norton takes 15% of what you mine.

So if you're not interested in mining ETH and use Norton, be very careful on your install to disable the mining aspect of the software. If you do want to mine ETH, install a proper miner and don't give Norton a cut unless you feel like contributing to a major corporation's profits. I'm sure they need the 15% more than you do.

Myself, I loved Norton Utilities when it first came out. Peter Norton was a genius. And when Symantec took it over, initially it was good. But it became bloatware and eventually worthless and I stopped using it and now won't touch it or recommend it. But to each their own.

LifeLock, for those not current on the company, claimed to be able to lock down your personal information online. They were so confident about their product that they drove advertising trucks around major cities across the USA with their CEO's Social Security Number prominently displayed. And his identity was stolen multiple times.

https://krebsonsecurity.com/2022/01/norton-360-now-comes-with-a-cryptominer/
Tags:
  • Add Memory
  • Share This Entry

Profile

thewayne: (Default)
The Wayne
Spare Brains Games

January 2026

S M T W T F S
    1 23
45678910
11121314151617
18192021222324
25262728293031

Syndicate

RSS Atom

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Jan. 4th, 2026 09:09 am
Powered by Dreamwidth Studios