InfoSec News

Hacker

Pre-IPO online fashion marketplace Poshmark announces data breach

By

Pre-IPO online fashion marketplace Poshmark announces data breach

By William Knowles @c4i
Senior Editor
InfoSec News
August 1, 2019

Poshmark, the largest social commerce marketplace for fashion alerted users on Thursday via email and their blog that “data from some Poshmark users was acquired by an unauthorized third party.

“The data acquired does not include any financial or physical address information, and we do not believe your password was compromised.” Poshmark recommends that you change your password as a precaution and security best practice.”

According to Poshmark, Canadian users weren’t affected and this data breach was limited to U.S. users only.

The data that was stolen includes “certain user profile information specified for public use such as username, first and last name, gender, and city.” “Certain internal account information such as email address, user ID, size preferences, and one-way encrypted passwords salted uniquely per user (making it nearly impossible to use these passwords to access an account), as well as social media profile information collected when users connect social media accounts to Poshmark” and “Certain internal Poshmark preferences for email and push notifications”

The Poshmark security notice continues to say “We take the trust you have placed in us extremely seriously, and immediately upon learning of this incident, we expanded our security measures even further. We conducted an internal investigation and retained outside experts, including a  leading security forensics firm. The security forensics firm we retained ran extensive testing designed to find vulnerabilities in our software and systems. After the testing, the firm reported that it did not find any material vulnerabilities. While our security was already strong, we have implemented enhanced security measures across all systems to help prevent this type of incident from happening in the future.”

How this data breach will affect Poshmark’s reported fall IPO is unclear, Poshmark has tapped Goldman Sachs Group Inc. and Morgan Stanley as its underwriters, according to the WSJ.

The Redwood City-based company was founded in 2011 by Manish Chandra, Tracy Sun, Gautam Golwala and Chetan Pungaliya and has raised about $153 million since its inception in 2011. Its last funding round, an $87.5 million Series E announced in November 2017, gave it a valuation of $600 million, according to its Crunchbase profile. Backers include Mayfield Fund , Menlo VenturesTemasek Holdings, and GGV Capital.

 

 

 

 

U.S. Army Cyber Command releases the DoD Identity Awareness and Protection Management Guide

By

 

By William Knowles @c4i
Senior Editor
InfoSec News
August 1, 2019

U.S. Army Cyber Command has posted the DoD Identity Awareness and Protection Management Guide for easy downloading.

The Identity Awareness, Protection, and Management (IAPM) Guide is a comprehensive resource to help you protect your privacy and secure your identity data online.

The IAPM Guide is divided into two-page chapters detailing key privacy considerations on the most popular online services, mobile apps, and consumer devices available in the market today. Each chapter provides you with tools, recommendations, and step-by-step guides to implement settings that maximize your security. The guide is updated twice a year, in March and September.

While some of the chapters in the IAPM Guide deal with technical issues, they do not require a technical background to follow.

The US Department of Defense creates this guide as a public service and hopes this guide will help readers keep their identities private and secure.

The Weather Channel compromised by Malware Attack Trevor

By

By William Knowles @c4i
Senior Editor
InfoSec News
April 19, 2019

The Weather Channel’s normally quiet morning broadcast was suspended for a brief time on Thursday after what it said was a “malicious software attack on the network.”

America’s Morning Headquarters – “AMHQ” the Weather Channel’s morning show, was unable to air at 6 a.m. The Weather Channel showed “Heavy Rescue: 401” until 7:39 a.m. when “AMHQ” was back on the air.

“We experienced issues with this morning’s live broadcast following a malicious software attack on the network,” the Weather Channel said in a statement. “We were able to restore live programming quickly through backup mechanisms. Federal law enforcement is actively investigating the issue. We apologize for any inconvenience to viewers as we work to resolve the matter.”

pic.twitter.com/ovSgrgHxXY

— The Weather Channel (@weatherchannel) April 18, 2019

“The Weather Channel, sadly, has been the victim of a malicious software attack today,” said The Weather Channel anchor Jim Cantore. “Yes, and it has affected our ability to bring you your weather information,” added anchor Stephanie Abrams. “So we just wanted to say thank you again for your patience and we want to get right to today’s severe weather.”

The Weather Channel tweeted “We are experiencing technical difficulties with our live broadcast. We apologize for any inconvenience while we resolve this issue. We appreciate your patience.” — The Weather Channel (@weatherchannel) April 18, 2019

It’s too early to know if this was a targeted attack and what the vector was to upload malware to The Weather Channel. It could have been as simple as phishing the Weather Channel employees with a salacious email like “Reed Timmer and Ginger Zee vacation photos” but it was obvious The Weather Channel had learned inexpensive lessons about making regular backups and keeping copies offline to prevent future compromises like the $300 million ransomware attack on the Maersk Group.

Citrix compromised by international cybercriminals

By

By William Knowles @c4i
Senior Editor
InfoSec News
March 11, 2019

Late last week, Citrix announced in a statement by Chief Security and Information Officer, Stan Black that they were hit by hackers in attacks that potentially exposed terabytes of customer data and potentially internal Citrix corporate secrets.

“On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cybercriminals gained access to the internal Citrix network.”

“Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cybersecurity firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.”

“Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”

“While our investigation is ongoing, based on what we know to date, it appears that the hackers may have accessed and downloaded business documents. The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised.”

Hackers Deface Electronic Billboard Near Seattle Washington

By

By William Knowles @c4i
Senior Editor
InfoSec News
January 1, 2019
Updated: January 3, 2019

For 99.9999% of the world’s population, New Year’s Eve is a time to let your hair down and have a few drinks celebrating the passing of another year, but I suspect its just another day on the calendar for John McAfee when he shared this tweet (Very NSFW) to his 885K followers on Twitter.

So it comes to no surprise that billboard hackers @le_keksec shared McAfee’s tweet to hundreds of thousands more near Seattle Washington and was reposted posted to Twitter. (NSFW)

On Tuesday, a McAfee spokesperson confirmed that the billboard operator was hacked and as a result, the display has been shut down.  McAfee, a device to cloud cybersecurity company headquartered in Santa Clara, California, also noted that John McAfee has not been affiliated with the company in any capacity for over 25 years.