Shaws and Star Market Data Breach – What You Need To Know

So yes yet again we are faced with another data breach of a major chain of retail stores. This time it is Shaws and Star Market. These companies are owned by Albertsons.

At this point the details have not been released. It would appear that the Point of Sale (POS) system was probably targeted to steal the customer information.

So what did they get? Allegedly they have Names,Expiration Dates, Card Numbers, Pin Numbers (Unclear), and 3 digit security codes. Customers that shopped at Shaws and Star Markets between June 22 and July 17 should keep a close eye on their bank accounts and report any discrepancies to their financial institutions.

TrueCrypt is dead…

Yes the rumors are true…  TrueCrypt after a decade has been retired.  The developers are urging people to switch to their native OS encryption (BitLocker, LVM, FileVault).  You can read more from them here –> http://truecrypt.sourceforge.net/

I am not going to get to far into this as I feel Steve Gibson at GRC has done a great job, and I will link you to his blog post about TrueCrypt.

Yes… TrueCrypt is still safe to use.

https://www.grc.com/misc/truecrypt/truecrypt.htm

-JT

IE Zero Day? Lets not Over React!

So yes there is another zero day bug in IE 8.  So what does this mean?  Well for those still using IE 8 there is a good chance you are still running Windows XP which is EOL (End of Life).  So one consideration would be to move to a newer operating system such as Windows 7 or Windows 8.1.  More info can be found here –> http://www.v3.co.uk/v3-uk/news/2346530/microsoft-promises-fix-for-internet-explorer-zero-day-flaw

 

My advice is as follows:

Create Obscure Wordlist’s in John

Create Mangled Password Lists with John

Ok so I made this video because I had a need to create such a list, and I figued if I was doing it I might as well make a video in case anybody else could also use some help with this.  There are many ways to do this I am just showing you the one I used.  Thanks for watching!

Notes:

The opinions and thoughts on this blog are those of Overflow Security members, and do not reflect those of our members employers.