What The Hell Just Happened Here?

I never could keep my mouth shut. When a conversation is going on, I can't just mind my business and focus on the work at hand. I have to be the man at the table who injects quips into the discussion; the guy who thinks he's not contributing properly unless he pontificates, no matter how ridiculous his words are. That was the scenario Friday when some of us Akamites (Akamai ...

Continue reading

Bill Brenner Is Joining Liquidmatrix

Fresh from the “why the hell didn’t I think of this years ago” files we have some news. Bill Brenner is joining Liquidmatrix! It will be nice to actually have someone writing again. Hint hint. (looking at the crew…myself included) Nothing like a comment made in passing to develop into a cool idea. Years ago Bill was the first media person to interview me for…well, any publication. ...

Continue reading

NSA Proof? $2 Million In Backing

The company Protonet is sitting in the right place at the right time. With the Snowden docs continuing to cause churn and the edition of Condoleezza Rice, former US Secretary of State, to the board at Dropbox, more people are looking for secure alternatives. Protonet was launched a year ago and on the heels of the Reset the Net movement decided to launch a courdsourcing initiative. From The Inquirer: The ...

Continue reading

Hershey Medical Center Data Breach

It seems that some 1,800 patients of the Hershey Medical Center may possibly have had their personal information breached. A staffer with the hospital had uploaded patient data to his home computer in order to work on it without having authorization to do so. From Lancaster Online: Officials at the hospital said in a press release Friday afternoon that results of an extensive internal investigation give no indication that any unauthorized ...

Continue reading

Mt. Gox “Found” Some Missing Bitcoins

Exactly how does this happen? Sheer incompetence, that's how. Today I read that Mt. Gox discovered an "old" wallet with 200,000 bitcoins in it. What the ever living...are you kidding me? From CNN: "On March 7, 2014, Mt.Gox Co., Ltd. confirmed that an old-format wallet which was used prior to June 2011 held a balance of approximately 200,000 BTC," the statement said. Karpeles said that the discovery was reported to lawyers on March 8. ...

Continue reading

Spy Satellites Backdoored

Oh this just keeps getting better. Apparently some back doored parts made in the US were discovered in a couple of brand new spy satellites. From Defense News: A United Arab Emirates (UAE) deal to purchase two intelligence satellites from France worth almost 3.4 billion dirhams (US $930 million) is in jeopardy after the discovery of what was described as “security compromising components.” A high-level UAE source said the two high-resolution Pleiades-type ...

Continue reading

Mailbag: A package from Jericho

On September 7, I received a small package from Jericho (@attritionorg) as a "prize" for submitting a picture of Lazlo near SCADA gear.  I finally got to meet him in Las Vegas this summer at BSidesLV and DEF CON.  We must have trolled each other for at least a year on twitter about CyberSCADASquirrels.  One day we'll probably publish a whitepaper on the correlation between the population density of squirrels and ...

Continue reading

Liquidmatrix Security Digest Podcast – Episode 30

Episode 0x30 Getting the band back together... Because you know, it *IS* a weekly podcast afterall. Upcoming this week... Lots of News Kittens SCADA / Cyber, cyber... etc. finishing it off with DERPs/Mailbag And there are weekly Briefs - no arguing or discussion allowed And if you've got commentary, please sent it to [email protected] for us to check out. DISCLAIMER: It's not that explicit, but you may want ...

Continue reading

Have SCADAs — will travel!

Hi everyone! Long time listener, first time blogger.  First, I want to thank Cap'n Dave for inviting shoving me aboard the Black Pearl and making me a part of the Liquidmatrix band of pirates.  I am honored! I wanted to go to Hacker Summer Camp last year, but I wasn't sure how to make it work...since I am just a SCADA Engineer, not a pentester or infosec rockstar.  This ...

Continue reading

NASDAQ Forum Site Was Hacked

Not entirely sure how I managed to miss this one but, it seems that a NASDAQ forum site was hacked. Specifically a community forum site for NASDAQ was in fact compromised on Tuesday of last week. From Huffington Post: Cyber-criminals targeted Nasdaq OMX Group's community forum website and gained access to the email usernames and passwords of the members of the site, which took two days to come back online ...

Continue reading