Jump to content

David H. Lipman

Experts
  • Content Count

    16,009
  • Joined

  • Days Won

    1

Everything posted by David H. Lipman

  1. Malwarebytes software for MS Windows does not target nor detect Apple MAC or Android malware. Malwarebytes software for MAC OS does not target nor detect Windows or Android malware. Malwarebytes software for Android devices does not target nor detect Windows or Apple MAC malware. The Malwarebytes' Engine and Signatures on Virus Total only target MS Windows malware and is a subset of what MBAM for Windows will detect on a PC.
  2. Windows Malware and/or suspected Windows Malware are submitted in; Newest Malware Threats after reading; Malware Hunters group Purpose of this forum
  3. https://www.wawa.com/alerts/data-security "An Open Letter from Wawa CEO Chris Gheysens to Our Customers December 19, 2019 NOTICE OF DATA BREACH Dear Wawa Customers, At Wawa, the people who come through our doors every day are not just customers, you are our friends and neighbors, and nothing is more important than honoring and protecting your trust. Today, I am very sorry to share with you that Wawa has experienced a data security incident. Our information security team discovered malware on Wawa payment processing servers on December 10, 2019, and contained it by December 12, 2019. This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019 and until it was contained. At this time, we believe this malware no longer poses a risk to Wawa customers using payment cards at Wawa, and this malware never posed a risk to our ATM cash machines. I want to reassure you that you will not be responsible for any fraudulent charges on your payment cards related to this incident, as described in the detailed information below. Please review this entire letter carefully to learn about the resources Wawa is providing and the steps you should take now to protect your information. I apologize deeply to all of you, our friends and neighbors, for this incident. You are my top priority and are critically important to all of the nearly 37,000 associates at Wawa. We take this special relationship with you and the protection of your information very seriously. I can assure you that throughout this process, everyone at Wawa has followed our longstanding values and has worked quickly and diligently to address this issue and inform our customers as quickly as possible. What Happened? Based on our investigation to date, we understand that at different points in time after March 4, 2019, malware began running on in-store payment processing systems at potentially all Wawa locations. Although the dates may vary and some Wawa locations may not have been affected at all, this malware was present on most store systems by approximately April 22, 2019. Our information security team identified this malware on December 10, 2019, and by December 12, 2019, they had blocked and contained this malware. We also immediately initiated an investigation, notified law enforcement and payment card companies, and engaged a leading external forensics firm to support our response efforts. Because of the immediate steps we took after discovering this malware, we believe that as of December 12, 2019, this malware no longer poses a risk to customers using payment cards at Wawa. What Information Was Involved? Based on our investigation to date, this malware affected payment card information, including credit and debit card numbers, expiration dates, and cardholder names on payment cards used at potentially all Wawa in-store payment terminals and fuel dispensers beginning at different points in time after March 4, 2019 and ending on December 12, 2019. Most locations were affected as of April 22, 2019, however, some locations may not have been affected at all. No other personal information was accessed by this malware. Debit card PIN numbers, credit card CVV2 numbers (the three or four-digit security code printed on the card), other PIN numbers, and driver’s license information used to verify age-restricted purchases were not affected by this malware. If you did not use a payment card at a Wawa in-store payment terminal or fuel dispenser during the relevant time frame, your information was not affected by this malware. At this time, we are not aware of any unauthorized use of any payment card information as a result of this incident. The ATM cash machines in our stores were not involved in this incident. What We Are Doing As soon as we discovered this malware on December 10, 2019, we took immediate steps to contain it, and by December 12, 2019, we had blocked and contained it. We believe this malware no longer poses a risk to customers using payment cards at Wawa. As indicated above, we engaged a leading external forensics firm to conduct an investigation, which has allowed us to provide the information that we are now able to share in this letter. We are also working with law enforcement to support their ongoing criminal investigation. We continue to take steps to enhance the security of our systems. We have also arranged for a dedicated toll-free call center (1-844-386-9559) to answer customer questions and offer credit monitoring and identity theft protection without charge to anyone whose information may have been involved, which you can sign up for as described below. " Wawa says malware may have collected customer card info "New York (CNN Business)If you bought something with a credit or debit card from a Wawa convenience store in the last nine months, your personal information might have been swiped. On December 10, the company found malware on the servers it uses to process payments at "potentially all Wawa locations," said Wawa CEO Chris Gheysens in a letter Thursday to customers. He added that the company was able to get rid of the malware within two days, and that the firm believes it no longer poses a risk to customers. Cards used at Wawa stores between March 4 and December 12 could have been compromised. Gheysens said the malware could have affected credit and debit card numbers, expiration dates and cardholder names on cards used at in-store cash registers or gas pumps. Wawa's ATMs were not affected. Debit card PIN numbers, credit card CVV2 numbers (the three or four-digit security code printed on the card), other PIN numbers, and driver's license information used to verify age-restricted items were not exposed, according to Gheysens. At this time, the chain said it wasn't aware of any unauthorized use of payment card information. Gheysens said customers will not be responsible for fraudulent charges on their cards. Wawa is offering free identity theft protection and credit monitoring at no charge to its customers. The Philadephia-based chain has more than 850 convenience retail stores in Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Florida, and Washington, DC, according to its website."
  4. A little too slow and needs a tabla to get a beat going. I believe the Sitar is the most complex of all string instruments.
  5. I did as well. I just loved the Dance scene to David Bowie's music and the joust scene with the music of Queen's We Will Rock You. I don't think the two tales compare. Kevin Costner and Morgan Freeman's Robin Hood: Prince of Thieves set the gold standard. RIP Heath Ledger and Alan Rickman .
  6. Me thinks thou gentleman plays too kind with his words.
  7. I've been enjoying Michael Winslow since Cheech and Chong !
  8. Robin Hood with Jamie Fox, 2018 What a piece of crap ! The costumes are more modern that 15th century. The dialogue sucked as they spoke using modern styling with modern linguistic pros, just with most actors using a British accent and dialect, there were even American style dialects. "He had it coming" she said... Are you kidding me ? That's not 15th century linguistics. A modern glass bottle ? Really ???? I saw a character with modern glasses. Are you kidding me ? Glasses with milled metal and machined micro-screws in the hinges. Optics were in their infancy in the 17th century, Galileo was early 1600's. WTF ! On a 0 ~ 10 scale -- 0 ! Can you you say Crap ? Sure, I knew you could.
  9. Malwarebytes is for physical disk files that can be used to do all sorts of malicious and/or nefarious acts. As in MALicious softWARE or malware. The email is a confidence game or simply a "con". The email is an example of Social Engineering which is the Human Exploit. It is exploiting a fear of infection or private data release or embarrassing content and is attempting to exploit human vulnerabilities to gain a monetary ( BitCoin ) gain with out having to extended much energy and at a relatively low cost.
  10. That's not ransomware. That's Blackmail. This is purely a scam and they send those emails out en masse hoping one or two bite at the bait. Just delete the email and then change your email password to a new Strong Password just to make sure. Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach. https://haveibeenpwned.com/ Please reference: ----------------- US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims US FTC Consumer Information - How to avoid a Bitcoin blackmail scam MyOnlinesecurity - attempted-blackmail-scam-watching-porn BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites Malwarebytes' Blog - Sextortion emails: They’re probably not watching you Malwarebytes Forum sample thread - Got strange threating email. Malwarebytes Forum FYI thread - FYI: Email Blackmail Scam still current
  11. MBAM is a desktop anti malware solution and is not designed for a web server ( HTTP/HTTPS ) on a hosting service such as BlueHost.
  12. So A Batch file could be... @Echo off schtasks /Delete /F /TN “Microsoft\Windows\End Of Support\Notify” schtasks /Delete /F /TN “Microsoft\Windows\End Of Support\Notify2” schtasks /Delete /F /TN “Microsoft\Windows\Setup\EOSnotify” schtasks /Delete /F /TN “Microsoft\Windows\Setup\EOSnotify2” Reg File... Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\SipNotify] "DateModified"=hex(b):80,aa,b1,1c,0d,aa,d5,01 "LastShown"=hex(b):80,aa,b1,1c,0d,aa,d5,01 "DontRemindMe"=dword:00000001
  13. Oh boy -- Thanx for the update ! Any notes on additional Registry modifications ?
  14. "Who" or "what" is being declared as "they" ? Is there a script, PE binary or web site that is causing this ? Before we can draw conclusions, we have to have a basis of facts and evidence.
  15. That's a loaded question that infers nefarious intent. Since I don't see such behaviour I'd say zero monetary remunerations,
  16. Just breathing the air Today increases a cancer risk. Don't worry -- be happy !
  17. Not too long ago, a very smart sage had suggested I try Systinternals Process Monitor. At that time I had indicated I would but, not at the time. However subsequently I did but no cogent information was gleamed. At some future time I may try again or use some other Sysinternals utility or other tool and approach it from another angle of approach. Yes, I have an image made by SeaGate's OEM of Acronis True Image performed on a regular basis. This is done regardless of how many time I use my KiXtart backup script to just backup data.
  18. Too many user configurations to move to a new Profile. Just not worth it. I use Devices and Printers as a Front End to "Eject" removable media after running a KiXTart Script that uses RoboCopy to make a data backup to said removable media. It was easier when the Devices and Printers used text and an Icon to identify the USB or eSATA device Now I have to determine with that "Device" is and then I can choose the correct one, choose Eject.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.