Forensic Examination of Chip card Fraud

Published by French security researchers in 2015, the paper details a forensic analysis of cards and chips utilized in a very high-tech case of fraud.   The article contains X-rays scans detailing the sophisticated nature of the forgery.

The original article is first followed by a 10/2015 Wired magazine interview with the researchers.

Forged PIN

Wired magazine story


Even the best can get fooled – be alert.

‘cuz we need lerts.  Lotsa lerts.  These days even the best can get fooled by the bad guys.   Brian Krebs provides details on how he and others got scammed by a hacked Amazon account.  Krebs also shows you screen shots from a darkweb crime site selling hacked Amazon accounts:

“But it’s likely to have been from a site like SLILPP, a crime shop which specializes in selling hacked Amazon accounts. Currently, the site advertises more than 340,000 Amazon account usernames and passwords for sale.”

Read the entire story here on Brian’s site

Then go forth and be a lert.


VPN Primer

privacyBrian Krebs: FCC Privacy and VPNs


S.J.Res.34 –  read the text and summary here – will be signed by the President in the coming days.  Certain corners describe S.J.Res.34 as a death knell for privacy,  a guaranteed downward greed spiral which, channeling George Carlin, will lose the war for the Allies.

Except, the FCC rules Res.34 rolls back were never in effect.  The FCC issued the rules but court proceedings kept them from ever taking effect.

As Brian Krebs points out, the privacy discuss has thrown light on the use of VPNs for privacy.  Unfamiliar with VPNS?  Read Brian’s article.  I also recommend visiting to compare and contrast the various VPN providers.


From the “We Got This” Department


Our “We Got This” Department recently came across a first-class example of “oops.”  Defense Point Security (DPI) –  big claim “the choice provider of cyber security services to the Federal Government” – announced that the personal information of every 2016 DPI employee was stolen in a spear phishing email.  The info included W-2 forms.

Let that sink in.

Read the complete story along with some good, solid common-sense advice on how to protect yourself here:  Krebs on Security

Speaking of Home Depot


An excellent case study of the Home Depot data breach by the SANS folks:

SANS Home Depot Case Study

SANS is an internet security training and research organization that, besides offering well received courses on cyber security (motto:  “No fee is too high”), provides several free research tools.

If you need background on the 2014, 56-million card Home Depot breach, Brian Krebs’ site contains all you need to know.  Start here:


Krebs On Security – Home Depot