
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


Neiman Marcus is now the next victim in the Snowflake fiasco!

Neiman Marcus is confirming that they have been pilfered as part of the Snowflake attacks. They also claim that only 64 thousand plus people are affected, while Troy Hunt at Have I Been Pwned is putting the number close to 32 million.

A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data.

In a separate incident notification published on its website, Neiman Marcus revealed that the data exposed in the attack included names, contact information (e.g., email and postal addresses, and phone numbers), dates of birth, gift card info, transaction data, partial credit card (without expiration dates or CVVs) and Social Security numbers, and employee identification numbers.

While analyzing the data stolen in the breach, Hunt found 30 million unique email addresses and told BleepingComputer that he also confirmed with multiple people whose data was in the stolen database that the information was legitimate.

“That’s obviously a substantial number and I do want to get notifications out to them promptly. The total unique number of addresses I’ll be referring to is 31,152,842,” Hunt told BleepingComputer.

When BleepingComputer contacted a Neiman Marcus spokesperson to confirm Hunt’s findings, they declined to comment. Instead, they pointed us to the data security notification published on the company’s website and said that the 64,472 people mentioned in the Maine filing are those who have received data breach notifications.

Data stolen in Snowflake data theft attack

The disclosure and the data breach notifications came after a threat actor using the “Sp1d3r” handle put Neiman Marcus’ data up for sale on a hacking forum, asking $150,000 for 12 million gift card numbers, 70 million transactions with full customer details, and 6 billion rows of customer shopping records, store information, and employee data.

A joint investigation by SnowFlake, Mandiant, and CrowdStrike revealed that a financially motivated threat actor tracked as UNC5537 used stolen customer credentials to target at least 165 organizations that failed to configure multi-factor authentication (MFA) protection on their SnowFlake accounts.

Recent breaches linked to these attacks, which started in May 2024, include Ticketmaster, Santander, Pure Storage, QuoteWizard/LendingTree, Advance Auto Parts, and Los Angeles Unified.

These are some of the important paragraphs we can take out of this article. If you want to read the entire article, it is titled Neiman Marcus data breach: 31 million email addresses found exposed.

Just another one as part of the Snowflake fiasco which is going to get worse before it gets better.


Patch Up! Patch Tuesday for July 2024

Bleeping Computer’s Lawrence Abrams has an article out about patch Tuesday.

This is the day and there are 142 different vulnerabilities that are fixed.

So far, this may be the only article out there.

There are 5 critical vulnerabilities, all leading to remote code execution or RCE problems.

There are 2 actively exploited zero-days. These are bugs that are out in the wild and have no fixes until the vendor pushes them out.

Read more:

Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days

Patch up!


The Security box, podcast 198: Week 2 of the 2 week open forum

Hello folks, this is our second week of our two weeks of open forum.

This program is a little over 4 hours, with the ending of the show being music and can be cut off if needed by our people who simulcast.

Here is the 225.1 MB file if you don’t have RSS and want a copy.

See you soon!


Roblox attendees pilfered from 2022-2024 conferences

Roblox is an online gaming site that also has yearly conferences. This recent breach has developers’ names, email addresses and IP addresses pilfered while a separate incident pilfered 2017-2020 data.

The vendor responsible for registrations for the conferences is named FNTech. They notified Roblox, as they should.

HIBP says that 10,386 unique addresses were found and 6500 are brand new to exposure. That’s 63% of the addresses.

To read the entire article, read Roblox vendor data breach exposes dev conference attendee info for complete details.


Evolve now comes out, claims 7.6m people affected

We’re finally learning more about Evolve and the fact they’re now coming out with details of their alleged breach or attack.

In this article, titled Evolve Bank says data breach impacts 7.6 million Americans, they claim that 7.6 million people are affected. While others have come out and said they were breached, none claim that it was LockBit who breached them.

Shopify is also claiming that they were not breached after actors came out claiming to have 180,000 people’s info.

We know some of the companies have come forward, and there are probably still many more companies we don’t know about.

Read the article for more.


The CDK massive ransomware attack is mostly now over

Hello folks,

The massive car problem of dealerships being able to sell cars is mostly over. By now, most if not all dealers are inputting data from pen, paper, and Excel spreadsheets to work around the issue.

It is possible that June will see a record low in sales of cars, and photos on the article indicate cars lined up on lots not being sold.

We do understand that a ransom has been paid to BlackSuit, who has been responsible for at least 95 other ransom breaches around the world.

As we indicated, BlackSuit is a new name in this field, but it was probably revamped from an older name.


Read more. Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds


10 billion passwords

Think about this. Roughly 10 billion passwords have been pilfered, some new and some old. It’s all been combined into one massive text file, says Kim Komando in today’s newsletter.

I would really urge people to read the credential stuffing portion of the article as this type of attack is mainly used in all kinds of attacks to try and gain access to accounts. This was used many times and it’ll continue to be used.

The full article is titled Hackers just stole 10 billion unique passwords and I would urge every single person to read it.

I would go on a diatribe about this, but honestly, I just don’t know what I can say. I know I’m owned and I know there isn’t anything I can do.


Temu sued by the state of Arkansas

I’m not going to sit here and pick sides. This MalwareBytes article is definitely interesting though as it talks about Arkansas suing Temu.

Maybe he has read and listened to Kim talking about how Temu and TikTok have been known in circles to just get things they don’t need.

To be fair, TikTok is more known for this, but Kim has said that the stuff Temu sells may be knockoffs.

While I’m not picking sides because I’ve never used the app, I’m curious on what other people say; because I know I have sighted counterparts that might come across this.

Have you seen knockoffs on there when browsing?

TEMU sued for being “dangerous malware” by Arkansas Attorney General is the article.


This was quite interesting, how to avoid scams

This is coming from Hadley at Hadley Helps.

They have a segment of their podcast talking about scams and some of them we’ve talked about. Just select play on the page or download the audio file.

Kay: Boosting David Goldfield (DavidGoldfield): From Hadley: How to Avoid Phone and Online Scams When Living with Vision Loss https://groups.io/g/tech-vi/message/7283

The link goes to the podcast episode and you can copy and paste it.

We’ll have this played on a future throwback.


Something to laugh at

This may be containing some strong language here but this is good.

From time to time, we find things that may not necessarily be tech related, but could be funny. This is one of those, written as a letter.

This comes from one of my people on Mastodon.

Wil James: TO: All Employees
From: Management
Subject: Special High Intensity Training

In order to assure the highest levels of quality work and productivity from employees, it will be our policy to keep all employees well trained through our program of Special High Intensity Training (S.H.I.T.). We are trying to give employees more S.H.I.T. than anyone else.

If you feel that you do not receive your share of S.H.I.T. on the job, please see your manager. You will be immediately placed at the top of the S.H.I.T. list, and our managers are especially skilled at seeing that you get all the S.H.I.T. you can handle.

Employees who don’t take their S.H.I.T. will be placed in Departmental Employee Evaluation Programs (D.E.E.P. S.H.I.T.). Those who fail to take D.E.E.P. S.H.I.T. seriously will have to go to Employee Attitude Training (E.A.T. S.H.I.T.). Since our managers took S.H.I.T. before they were promoted, they don’t have to do S.H.I.T. anymore, and are all full of S.H.I.T. already.

If you are full of S.H.I.T., you may be interested in a job training others. We can add your name to our Basic Understanding Lecture List (B.U.L.L. S.H.I.T.).

Those who are full of B.U.L.L. S.H.I.T. will get the S.H.I.T. jobs, and can apply for promotion to Director Of Intensity Programming (D.I.P. S.H.I.T.).

If you have further questions, please direct them to our Head Of Training, Special High Intensity Training (H.O.T. S.H.I.T.).

Thank you,
Boss In General, Special High Intensity Training (B.I.G. S.H.I.T.)

Have a laugh with this one.

We’ll read it on our show this coming week.


We have a Lurie Children’s update for you and this is not good

In a timeline-based article which I finally got to read, we present you an update that just shouldn’t be.

Per one of the paragraphs, we learn what exactly was taken.

Per an online notice, the information that may have been compromised could include an individual’s: name, address, date of birth, dates of service, driver’s license number, email address, health claims information, health plan, health plan beneficiary number, medical condition or diagnosis, medical record number, medical treatment, prescription information, Social Security number and telephone number.

Do you really need all of this information to do your job? Maybe in some cases, the answer could be yes, like submitting claims for care where insurance may need an SSN for verification as an example. But do you need a driver’s license to do your job? Probably not. In this case, I’m saddened to report that most if not all could be needed in some way, but medical stuff is a lot different than your regular business which may collect some of the same info as above.

Lurie Children’s Hospital says nearly 800K patients’ data compromised in cyberattack is the article which you need to read.

It gives a timeline of restoration after the attack.

Glad to hear that things are now back up and they didn’t pay a ransom.

We did report that Rhysida supposedly took and sold the data, but we haven’t heard anything from them since. Maybe that’s a good thing.

The number of patients that could’ve been affected by this is around 800 thousand. That’s not something to sneeze at.


More news coming out of Evolve

While there have been some errors which were corrected and documented, several more companies are coming out.

It’s OK to make mistakes in writing, and the documentation at the end shows that corrections were made.

Yieldstreet says some of its customers were affected by the Evolve Bank data breach is the latest we find on this ongoing saga.

Within this article, several other companies are mentioned, but Evolve continues to indicate that they don’t know who else is affected by their carelessness.


Affirm says cardholders are impacted by Evolve

We continue to try and catch up and we’re now learning that Affirm is now confirming that cardholders may be impacted by the ever-evolving Evolve breach.

Affirm uses Evolve as a card issuer for their services and has started notifying those that may be impacted by this ordeal.

To read more, please read the BleepingComputer article that is titled Affirm says cardholders impacted by Evolve Bank data breach as we continue to learn more.


FinTech company Wise says they’re impacted by Evolve

Fintech company Wise says some customers affected by Evolve Bank data breach says that another company is affected.

I don’t know if I covered this one, and Evolve continues to state that they have no idea how many potential customers are affected.


Man clones WIFI, asks for credentials

Brian Krebs posts on Mastodon:

BrianKrebs: This has to be the dumbest, riskiest, least effective and most expensive way to steal credentials. If you’re going to commit multiple federal offenses, maybe don’t do them in a confined space of <300 people whose names are on a manifest.

“Australia’s Federal Police (AFP) has charged a man with running a fake Wi-Fi networks on at least one commercial flight and using it to harvest fliers’ credentials for email and social media services.”


The link is to an article titled Police allege ‘evil twin’ of in-flight Wi-Fi used to steal passenger’s credentials, which goes into detail on what the gentleman did and what he’s charged with.

While he may not have used the data collected, people were duped into handing over creds he could’ve used at any time.

No free WIFI should ask for a password unless it’s configured to do so and the password is known.

But most free WIFI don’t require a password.

I know Hotels protect with a password which they do provide you like your room number as an example, because of the page you land on when you first connect.


LockBit still at it, Infosys McCamish next on its list

Infosys McCamish seems to be a business-oriented company who recently fell victim to an attack this past year. While the initial alert went out in February for an attack in November of last year, this is an update to that initial report.

Seems like over 6 million people in varying situations were pilfered. Info includes but is not limited to name, SSN, dates of birth, medical information including treatments, biometric data, email and password combination, any usernames and their passwords, driver’s license or state identifiable ID, financial account number, payment info, passport, payment card info, tribal and military ID info.

This is a hell of a lot of info for a company to have to conduct business. Again, I ask whether all of this information is necessary. I could see things like username and password, payment info for getting paid if they got paid by this company, payment information if they were billed by the company, mailing address for communication but this is about it.

Why the hell don’t these fucking companies learn that half of the fucking shit, including SSN info, should not be kept past their time of need?

This is fucking ridiculous that we’re continuing to see the misuse of our data.

In a recent call that Kim played on her show as part of the minute she puts out each day, she stresses that we should come up with another form of ID besides the social security number. I completely agree with this. Even though the caller, like me, shuddered at giving yet another company my SSN, we really don’t have a choice. Kim says, if you went there on your own, and you have a working relationship with them, then in theory it “should be safe.” (quoted)

I know that other parts of the country have different names for this, but it is the same thing.

This time, read the article titled Infosys McCamish says LockBit stole data of 6 million people if you want to see more of what kinds of stupid shit is going on with companies like this.

Have fun.


Here’s more information falling out of Evolve Bank’s fiasco

I recently blogged a diatribe about LockBit and the fact they lied about who they potentially breached.

Now we’re learning that companies, including Affirm, are also affected.

According to the article we’ll be linking to, several different companies are affected.

Can you name them? Send your guesses in and don’t read past this point unless you’ve guessed first.

The paragraph with the answer says:

Evolve lists a series of companies on its site as partners that rely on the banking giant to offer some of their financial and lending services. To understand the impact of the Evolve breach on these companies, TechCrunch reached out to Affirm, Airwallex, Alloy, Bond, Branch, Dave, EarnIn, Marqeta, Mastercard, Melio, Mercury, PrizePool, Step, Stripe, TabaPay and Visa.

I’m actually surprised on two of these, Stripe and Visa. While most consumers don’t deal with Visa directly, this could actually be a bit of a concern, although they do issue cards to various banks like Capital One as an example. I have the same comment about Mastercard too. The others I have not heard of, but Affirm is one Terry has discussed at times so I know who they are.

Several companies weighed in, including several after press time as the article was updated since initial publication. I’m reading from that version.

Only Affirm, EarnIn, Marqeta and Melio responded to the request for comment.

Now, let’s see what each company said about themselves.

Affirm spokesperson Matt Gross told TechCrunch that the company is investigating the incident and “will communicate directly with any impacted consumers as we learn more.”

Affirm also alerted its customers in a post on X, writing that the Evolve breach “may have compromised some data and personal information” of Affirm customers. The company also said that it’s safe to use its card and Money Accounts, and that its investigation into the impact of the breach is still ongoing.

EarnIn spokesperson Stephanie Borman said that the company is “aware of this incident and monitoring it closely.”

Marqeta spokesperson Kelly Kraft told TechCrunch that the company is aware of the breach, and that “Evolve supports a small part of our overall business.”

“Our customers affected by this incident have been notified, and we are working closely with Evolve to understand their remediation effort and how our mutual customers may be impacted,” Kraft said in an email.

Melio co-founder and CEO Matan Bar told TechCrunch that the company is aware of the breach and “diligently working with them to determine if Melio or any of our customers were impacted by it. We will keep our customers informed with any relevant information as we learn more. There have been no disruptions to Melio’s operations as a result of this incident.”

Another Evolve partner, the fintech startup Mercury, said on X that the Evolve breach impacted records associated with the company, “including some account numbers, deposit balances, business owner names, and emails.”

As for Evolve, I don’t understand why they haven’t just been shut down because of how ignorant they are.

If you’ve not read from the LockBit article, take this pill and swallow it whole.

Evolve has made headlines recently for other matters related to its fintech partnerships. On June 14, the Federal Reserve ordered Evolve Bank “to bolster its risk management programs around fintech partnerships as well as anti-money laundering laws.”

According to a statement by the Fed, examinations conducted in 2023 found that Evolve “engaged in unsafe and unsound banking practices by failing to have in place an effective risk management framework for those partnerships” with financial technology companies.

The bank has also been associated with the meltdown of banking-as-a-service startup Synapse, which provided a service that allowed others — mainly fintechs — to embed banking services into their offerings. When Synapse filed for bankruptcy this year and an attempted rescue acquisition of its assets by TabaPay fell through, the company pointed blame at its partner bank, Evolve — a saga that continues to play out.

I bet we’re going to learn more about these stupid jackasses, in due time. I tell you what, if I had a relationship with this bank, I’d be cutting my ties with them.

“Until you show me you care about cybersecurity, fuck you.”


Hubspot had a breach, contained it

Deva On Breaches put this on my radar, but I didn’t get a chance to read it till recently.

The good news is that they didn’t have a huge breach, only a slight one.

The account holders were contacted by the company, and full details are available through the article.

It is titled HubSpot says it’s investigating customer account hacks if you want to read more.

Thanks for reading!


TSB 197, intermediate a: Learning the business

This is the 48.2 MB download of this intermediate program with J.

While I caught this in my feed, I haven’t listened to this all the way through but found the title very interesting. Maybe this group could take something out of it.

A link to the video will follow.

Welcome to podcast 197, intermediate A. J Wolfgang Goerlich is along with a very interesting talk. While I’ve not listened to it in full, I did think of putting this out as it talks about risk. Maybe it’s a risk you don’t know much about, so let’s learn together.

J Wolfgang Goerlich: My RSA talk is up. Join me in dismantling the myth of the weakest link, and building human-centric and human-first security programs.

The Language of the Business: Applying Behavior Science for Risk Management https://www.youtube.com/watch?v=BFkM9FxTP8g


The show is less than an hour. Thanks for listening!


Diatribes of the month: June 2024

Hello folks,

I usually post this on the first, and I’m glad I waited. I definitely needed the rest and I saw a message about one of the items in the list. The following are the diatribes of the month that were posted and agreed upon from the team.

One, which I liked, I can see the point that I didn’t go off enough so it didn’t make the cut.

