http://www.securityweek.com/hackers-steal-details-verizon-enterprise-customers

By Eduard Kovacs on March 25, 2016

Eduard Kovacs from Security Week at SecurityWeek.com reports that hackers steal details of Verizon Enterprise Customers.

Verizon Enterprise Solutions is a division of Verizon Communications that specializes in designing, building and operating networks, IT systems and mobile technologies for businesses and governments.

This is a prominent member of an exclusive underground forum that has been offering to sell a database storing the contact information of roughly 1.5 million Verizon Enterprise customers.

The complete database is offered for $100,000, but interested parties can also acquire sets of 100,000 records for $10,000. The seller has also offered information on vulnerabilities in Verizon’s website.

The database is available in multiple formats, including MongoDB. There have been many incidents over the past period where misconfigured MongoDB databases exposed a large number of records of sensitive information.

Verizon Enterprise representatives have confirmed that their website had been plagued by a vulnerability that allowed hackers to steal customer contact information, but has not specified how many are affected. The company noted that the attackers have not gained access to customer proprietary network information or other data. Affected clients will be notified.

“Most companies have a very difficult time managing this issue as it generally falls somewhere between the web team, marketing, regional teams and the security team … and that basically means no one is looking after it. This really is an area where expertise is required and often comes in the form of partnering with experts to manage,”

http://www.securityweek.com/amazon-changes-stance-encryption-fire-tablets

Amazon originally said the move to weaken data security on its Fire devices was because customers weren’t using certain features.

“In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using,” an Amazon spokesperson told SecurityWeek on March 4.

Amazon has changed its stance on full disk encryption, and says that it will bring back the data protection measure in the near future, after significant backlash and bad press.

Amazon’s flip-flop on encryption for its Fire devices comes amid avid discussions regarding the security and privacy of smartphones and similar devices after Apple refused to help the FBI unlock the iPhone belonging to the San Bernardino Islamic terrorist.

Amazon FireOS is an Android-based mobile operating system produced by Amazon for its Fire Phone and Kindle Fire range of EReaders, and other content delivery devices like Fire TV; the tablet-version of the Kindle Fire is the Amazon Fire HDX. It is forked from Android. Fire OS primarily centers on content consumption, with a customized user interface and heavy ties to content available from Amazon’s own storefronts and services. https://en.wikipedia.org/wiki/Fire_OS

http://www.securityweek.com/romanian-court-approves-extradition-hacker-guccifer-us

Using the online nickname “Guccifer,” Marcel Lazar Lehel is said to have hacked into the email accounts of several people in the United States between December 2012 and January 2014, including members of the Bush family, former Secretary of State Colin Powell, venture capitalist John Doerr, journalists, actors, and military officials. He also targeted at least two Romanian officials.

The hacker said he breached their accounts by guessing the answers to security questions.

Romanian authorities arrested Lazar in January 2014 with the aid of U.S. authorities. In June 2014, he pleaded guilty and was sentenced to seven years in prison for hacking the accounts of Romanian politician Corina Cretu and George Maior, the head of the Romanian Intelligence Service (SRI).

Lazar, known by Romanian authorities as “Little Fume,” had previously received a three-year suspended sentence for hacking into the online accounts of many celebrities in Romania.

http://www.securityweek.com/top-reasons-pay-attention-dark-web

Top Reason To Pay Attention To The Dark Web

Tim Layton offers a great perspective regarding content in the Deep Web or as he refers to it “Dark Web”

His inside information breaks down what a new user can expect once Tor is open and simple searches are done throughout the special Firefox browser.

There are good reasons for taking advantage of Dark Web intelligence but we should also explore the challenges of collecting it says Layton but also he offers the other side of the story due to kegal and unknown reasons why not to surf in the dark web.

http://www.technewsworld.com/story/83023.html

I found this article very interesting because new technology cellphones will be able to contain unbreakable encryption or will include the ability to be unlocked by their manufactures or OS provided according to Jim Cooper, California State Assemblyman.

The bill would help to fight human traffickers, who use smartphones as tools and for other security and technical reasons.

Thank you,

Roberto Nogueda.

http://www.infosecurity-magazine.com/opinions/why-security-professional-nosql/

“A NoSQL database provides a mechanism for storage and retrieval of data that is modeled in means other than the tabular relations used in relational databases.”