iPhone 6 fingerprint scanner still vulnerable

http://www.cnet.com/news/apples-touch-id-still-vulnerable-to-hack-security-researcher-finds/
CNET found that Apple had not increased its security with the latest iteration of the iPhone 6’s fingerprint scanner. They were able to use fake finger prints to get into the iPhone just like they did with the iPhone 5. The technique ot create these fingerprints is very simple and anyone could do it in an afternoon with a single print of the target.

 

-John O’Brien

Advertisements

Jimmy John’s Data Breach

On September 24 the restaurant chain Jimmy John’s released a statement confirming a credit card breach that affected stores all over the states. Jimmy John’s estimates that about 324 stores where affected. Information exposed is believed to be card numbers, cardholder names, verification codes, and the cards expiration date.

It is believed that card an intruder stole log in information from point of sail vendors  and used their credentials to remotely install malware onto the point of sale systems. When costumers used their cards on purchases in the store the malware would capture data from the cards magnetic strip.  This malware has been removed from most of the afflicted systems.

-Kyle Slifer

http://www.databreachtoday.com/jimmy-johns-confirms-data-breach-a-7356

http://www.databreachtoday.com/vendor-100-restaurants-breached-a-7364

The “Shellshock” Bug

This past week a new bug has been discovered. It has been nicknamed the “Shellshock”. The bug is a glitch within bash in the Unix command shell. Basically, the command line will run a function but after the function is over it can continue to run code.

shellshock_bash

 

This is an issue that has gone unnoticed for almost 25 years. There are few issues. if a hacker get to your home computer, can simply run a function and some some malicious code and infect your system. However, if you are using a firewall it is not as big of a concern. Servers though are a little bit different. They are easier to infect since they aren’t protected by firewall and little complex to fix.

Good news is there are many patches already released since the discoverer, so fixing the bug will require a system update.

 

http://www.engadget.com/2014/09/25/what-is-the-shellshock/