List of data breaches and cyber attacks in October

30 Oct

By 3 October, I knew this month was going to be a bad one. Before the month had even kicked off, 76 million customers of JPMorgan Chase had been affected by a massive data breach. October just went downhill from that point.  IT Governance

Makaseh Identity vs New Email Ownership Header

28 Oct

Working with Yahoo, Facebook engineers developed an SMTP extension called Require-Recipient-Valid-Since (RRVS) which inserts a time-stamp in the header of an email message that indicates when Facebook last confirmed ownership of the Yahoo account.  “If the account changed hands since our last confirmation, Yahoo can just drop the message, preventing delivery of sensitive messages to the wrong hands,” said Murray Kucherawy, a software engineer at Facebook.

Makaseh Identity is a recognition tool that would positively identify a person, at any point of time and from any location. Recognition can be shared with third party web apps such as Face book, Hotmail etc and other apps installed in a PC or Tab or  Monitoring/Control systems. It would make the Cyber space secure and reliable for Users. Service providers can  operate with the knowledge that their customers will not be harmed by cyber-space delinquents.  Please check the links below for more information.

Makaseh Identity is Free for users without any time limit and can be used for any number of applications. 

Phone-In Protection

Your Own Secure Cloud Suite

Hacking ATMs: The New Wave of Malware

25 Oct

Kaspersky Lab have observed several attacks on Automated Teller Machines (ATMs) which were infected by malware dubbed Tyupkin. Tyupkin is one of the most popular malwares used by criminals to compromise ATMs and force these machines to release cash on demand.  INFOSEC


21 Oct

“We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.”  Hackinsight

Makaseh Identity is for your Cyber Protection

Millions vulnerable UPnP devices vulnerable to attack

19 Oct

Researchers at Akamai firm have observed an increase of new reflection and amplification DDoS attacks exploiting Internet of Things devices (e.g. SOHO devices, routers, media servers, web cams, smart TVs and printers), which that misuses communications protocols.     Security Affairs

Makaseh Identity will prevent unidentified requests for software and hardware applications.

How To Talk To Spooked Customers About Cyber Security

15 Oct

The high-profile security-breaches of the last two years have made consumers much more aware of the risk to their financial and personal safety when a company they do business with is hacked.  –  Forbes

Encryption or Recognition?

13 Oct


Systems are always good tools designed and developed with good intentions.  They are designed for a purpose and as long as the conditions for which they are designed exists, it would generate a proper result.  The weakness in  systems are the conditions that is supposed to activate it; if one could override the conditions by concealing, imitating or falsifying it, the system could be made to work the way it should not.  Hackers and code breakers employ tactics that would make a system accept a condition that does or does not exist, at their will.  Recognition works differently.  When a house is burgled, the burglar has complete unmitigated access to the assets within the premises.  Access is only limited till the time the owners or neighbors recognize them as intruders, having no legitimate access. On the other hand, if the owners were in and the intruders had gained access by passing all the systems in place, the intruders would have been limited severely.

Recognition is not just saying ‘true or false’.  It is a process that concludes after ascertaining several facts.  It determines, the person, relationship, trust level, and many more factors before allowing access.  The access level of a maid differs with the access level of a child; and the access level of a plumber is far different from that of a relative or friend.  Employing the recognition method is surely far more reliable.  It is not limited by a couple or more sets of parameters.  It fulfills a range of analogous process before determining the output.  The scope and boundary are limitless, and can be easily updated and analyzed on a process to process basis.

Encryption is good in a one to one, well defined  environment.  It has paradigm limitations and the only security will be the difference between one encryption and the other.  With many products and many approaches, it will be tough to find a unified single platform that will be safe and secure.  Time and again encryption algorithms have been broken and decrypted because they have been forced to follow a standard.  Non standard products float in the sea of encryption tools, tossed and turned only to vanish, lost in their proprietary algorithms.

Makaseh Identity is a tool that would address the benefits of recognition and a single viable and secure encryption protocol for all.

I am looking for Ethical Hackers to hack into our Cyber security tool “Makaseh Identity”

12 Oct

I am looking for Ethical Hackers to hack into our Cyber security tool “Makaseh Identity” A prize of USD1000 is available to the first successful hacker. We are also willing to provide a minimal compensation for the time and effort, Please send me a note to To know more about the tool please visit

Hackers Exploit U.S. Army, Microsoft

3 Oct

“The members of this international hacking ring stole trade secret data used in high-tech American products, ranging from software that trains U.S. soldiers to fly Apache helicopters to Xbox games,”   GovInfoSecurity

Major Android Browser Flaw Allowing Hackers to Bypass SOP Mechanism

2 Oct

A major security flaw has been exposed in the Android Open Source Platform (AOSP) browser, which is used by more than a fifth of the world’s smartphone users. This issue, exposed by security expert Rafay Baloch, can lead to the dreaded cookie theft.

Sharon Solomon CHECKMARX

Makaseh Identity is portable 


Get every new post delivered to your Inbox.

%d bloggers like this: