Monthly Archives: December 2010

Immediate Vault

A Weekend of Hacker Attacks

Posted on by

Over the weekend, pharmacy giant Walgreens fell victim to a computer criminal that stole its email marketing list from a third party. The hacker then sent out realistic looking spam that asked people to enter their personal information into a web page controlled by hackers. Even worse, those customers that had opted out of receiving marketing emails from the drug store had their information stolen as well.

McDonald’s also experienced a data breach via a third party attack. Arc Worldwide is a company hired by McDonald’s to manage its promotional email campaigns. Arc Worldwide hired another company to actually send these promotional emails. It is that company, the name of which remains anonymous, that was the target of hackers. Though the stolen data did not contain sensitive information such as Social Security numbers or credit card information, it did contain names, phone numbers and physical addresses.

And lastly, Gawker media sites were targeted this weekend with hackers going after their more than one million commenters’ usernames and passwords. Those responsible for the attack, a group of hackers known as Gnosis, had a few words for Gawker.

buy finasteride online www.gcbhllc.org/scripts/html/finasteride.html no prescription pharmacy

“We went after Gawker because of their outright arrogance”—possibly towards the hacker community—”It took us a few hours to find a way to dump all their source code and a bit longer to find a way into their database. We have had access to all of their emails for a long time as well as most of their infrastructure powering the site. Gawkmedia has possibly the worst security I have ever seen. It is scary how poor it is. Their servers run horribly outdated kernel versions, their site is filled with numerous exploitable code and their database is publicly accessible.

buy proscar online www.gcbhllc.org/scripts/html/proscar.html no prescription pharmacy

It’s hard to believe that in 2010 we are still seeing major corporations and media outlets continuously, though unintentionally for the most part, exposing sensitive information. Yes, many blame hackers for disrupting business, stealing personal information and even shutting down websites entirely.

buy ciprodex online www.gcbhllc.org/scripts/html/ciprodex.html no prescription pharmacy

But one thing these hackers are not credited with is how they force these companies to adopt stricter web security. It would be tough to find a well-known company whose system was hacked and yet they did nothing to prevent such incidents in the future.

There’s a good and a bad to everything.

Recap of the IICF Benefit Dinner

Posted on by

Last night I was fortunate enough to attend the 4th annual Insurance Industry Charitable Foundation (IICF) benefit dinner at the Waldorf-Astoria here in New York. It was a packed house with more than 800 in attendance. The speakers and the atmosphere (not to mention the food) were amazing!

The lineup for speakers included Ken Griffey, Jr., Mark Messier, Rudy Giuliani, Greg Case of Aon Corporation, Marice Greenberg of C.V Starr and David Brinkman of Aon Benfield. The sports stars were there to speak on behalf of the charitable organizations with which they are associated (The Boys & Girls Club of America for Griffey and the Christopher and Dana Reeve Foundation for Messier).

The 2010 dinner honoree was Maurice “Hank” Greenberg, who applauded the IICF and all companies within the insurance industry for donating so much time, effort and money to great causes. Guiliani kept the crowd in stitches with sports jabs at Griffey and Messier and NYC borough trash talk. But he also thanked the industry for its generosity.

“The insurance industry is an enormous part of the city,” Guiliani said. “The fact that you want to reach out and help so many people is what America is about.”

Last night’s event raised $1.1 million for charity from the more than 130 major insurance companies that support IICF. A great night for a good cause.

Supporters of WikiLeaks Launch Attack

Posted on by

It was just last week that our own Jared Wade wrote a post about how WikiLeaks’ next target may not be military or government affiliated at all; it could be your company.

Early next year, Julian Assange says, a major American bank will suddenly find itself turned inside out. Tens of thousands of its internal documents will be exposed on Wikileaks.org with no polite requests for executives’ response or other forewarnings. The data dump will lay bare the finance firm’s secrets on the Web for every customer, every competitor, every regulator to examine and pass judgment on.

The website that relies on truth in everything has gained a massive following of fanatic supporters. So fanatic, it seems, that they have retaliated against those who have recently wronged WikiLeaks or its founder, Julian Assange. Here’s a list of those companies or individuals who have fallen victim to cyberattacks launched by WikiLeaks supporters:

  • Mastercard.com — WikiLeaks relies on donations to keep running and it was Mastercard who processed such donations. Well, with the media firestorm around the website and Assange lately, the card company severed ties with the site.
  • Amazon.com — The giant online retailer decided to revoke server space it had once granted to WikiLeaks.
  • PayPal — The online payment service chose to cut off its commercial cooperation with WikiLeaks.

Other targets include the lawyer representing two women who have accused Assange of sexual abuse and PostFinance, Assange’s bank, which closed his account. The attacks have been organized and launch by a group of hackers called Anonymous. One of the members granted an interview to the New York Times.

That activist, Gregg Housh, said in a telephone interview that 1,500 activists were on online forums and chatrooms including Anonops.net, mounting mass and repeated “denial of service” attacks on sites that have moved against Mr. Assange and WikiLeaks in recent days. The hacker army has rallied around the theory that all the actions against the organization and against Mr. Assange, including the rape accusations, are politically motivated efforts to silence those challenging authority. “To all of us,” Mr. Housh said, “there is no distinction. He is a political prisoner and the two things are completely entwined.”

The group has been successful; the websites for Mastercard, PayPal and PostFinance were all experiencing difficulties. Even more frightening, Anonymous claims to be planning further attacks on company websites. So it is true then, WikiLeaks’ next target, either directly or indirectly, could be your company.

Attention Walmart Shoppers: The DHS Needs Your Help

Posted on by

The Department of Homeland Security has teamed up with the world’s largest retailer in an attempt to reach millions of shoppers this holiday season (and beyond) to remind them to report suspicious activity to law enforcement. The program is dubbed “If You See Something, Say Something” (a familiar slogan to NYC transit riders) and is currently operating in 320 Walmart stores across the nation.

“Homeland security starts with hometown security, and each of us plays a critical role in keeping our country and communities safe,” [DHS] Secretary Janet Napolitano said. “This partnership will help millions of shoppers across the nation identify and report indicators of terrorism, crime and other threats to law enforcement authorities.”

The initiative will focus on informing customers in checkout lines via a short video message by Napolitano herself. Eventually, the program hopes to have close to 600 stores participating from 27 states. And it’s not only Walmart that has been selected for this campaign. The program has already partnered with the Mall of America, the American Hotel & Lodging Association, Amtrak, the Washington Metroplitan Area Transit Authority, the New York City Metropolitan Transit Authority, sports and general aviation. Here’s the video that some Walmart shoppers will see: