Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2007-08-03 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

FTC wants your comments on SSN usage by the private sector.

Published: 2007-08-03
Last Updated: 2007-08-04 15:32:11 UTC
by donald smith (Version: 1)
0 comment(s)

From: https://secure.commentworks.com/ftc-SSNPrivateSector/

The Task Force recommended that these agencies gather information from stakeholders – including the financial services industry, law enforcement agencies, the consumer reporting agencies, academics and consumer advocates – in making this assessment.

When commenting you should realize that they are planning to publish the comments and contact information associated with those comments. But the only required fields are last name, state and country.

Keywords:
0 comment(s)

Vonage account hacking?

Published: 2007-08-03
Last Updated: 2007-08-03 22:46:54 UTC
by donald smith (Version: 1)
0 comment(s)

We received one report of a Vonage customer who received an email saying their password was changed. They typed the correct url directly into their browser and attempted to login with their “very difficult to guess random key password” but that failed. He tried the password that was provided via the email he and was able to access his account. He discovered that his last name was changed to something rather derogatory and that his phone numbers had been detached from the system.

If anyone else is seeing similar issues please let us know.

UPDATE:

This came from Ben:
“Not even authorized users (account-holders) of the Vonage service can remove a line from the account without having to call into Vonage customer care.“

 

Keywords:
0 comment(s)
Diary Archives