1 of 1
Security Class » Security Class Article #6 - Due Monday December 3rd » 11/27/2018 10:49 am |
Rosa:
The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The attacker could have pulled off email addresses, usernames, user IDs, account numbers, street addresses, phone numbers, authorized users and mailing campaign data from as many as 60 million USPS customer accounts. The Postal Service ignored the report for a year until recently. The Postal Service is further investigating.
Security Class » Security Class Article #5 - Due 11/19/18 » 11/16/2018 9:58 am |
Rosa Perez
White hat hackers competition held Nov 13-14 in Tokyo found that Iphone X with IOS 12.1, Samsung Galaxy 9, Xiaomi Mi6 running the latest version of software from popular smartphone manufacturers can be hacked. A team of two researchers, Richard Zhu and Amat Cama, who named themselves Fluoroacetate, discovered and managed to exploit a pair of vulnerabilities in a fully patched Apple Iphone X over WiFi. For their target they chose to retrieve a photo that had recently been deleted from the Iphone. They also hacked in the Samsung Galaxy S9 by exploiting a memory heap overflow vulnerability in the phone's baseband component and obtaining code execution. Xiaomi Mi6 handset via NFC(near-field communications) which is using the touch-to-connect feature, they forced the phone to open the web browser and navigate to their specially crafted webpage. With the highest of 45 points and a total of $215,000 prize money, Fluoroacetate researchers Cama and Zhu earned the title "Master of Pwn, logging five out of six successful demonstrations of exploits against Iphone X, Galaxy S9, & Xiaomi Mi6. The vulnerabilities will be available in 90 days and they will remain open until the affected vendors issue security patches to address them.
Security Class » Security Discussion Article #3 - Due Monday the 29th.... » 10/29/2018 10:17 am |
British Airways[/url] has revealed that another 185,000 customers may have had personal details stolen in a data breach. Customers who made reward bookings using a payment card between 21 April and 28 July this year may be at risk. On top of that, hackers may have stolen names, addresses, email addresses, card numbers, expiry dates, and card verification value (CVV) numbers for another 77,000 customers, British Airways said, [url= ]potentially allowing purchases to be made. Another 108,000 may have had details stolen not including the CVV, the three-digit code which acts as an extra layer of protection for online transactions. All affected customers will be contacted via email before 5pm on Friday, a spokesperson for British Airways said.
[url= ]
-Rosa[/url]
Security Class » Security Discussion Topic #2 Due Monday the 15th » 10/12/2018 10:17 am |
Google says a bug in an API for its Google+ social networking service exposed personal details for about 500,000 accounts, but it believes the data wasn't misused. Google patched the bug in March but chose to not publicly disclose the problem, based on a recommendation made by its privacy and data protection office. Google's decision to not disclose the data leak is likely to raise eyebrows because technology companies have faced increasing pressure and regulatory scrutiny over their data handling and privacy practices.
Security Class » Security Discussion Article #1 - Post reply to this article » 10/03/2018 10:29 am |
1 of 1