InfraGard recently put out a Flash Alert for a piece of malware called Fruit Fly. I sat through this briefing during last year’s Black Hat/DefCon conference and this malware is unique because it can live in an environment for months, if not years, undetected. There are no ransomware screens alerting the user that they’ve been infected or the ominous blue screen of death. It was first discovered in January of 2017 by Thomas Reed who works for Malwarebytes, who’s also a top Mac OS security researcher and conducted the initial analysis, but since then other variants been identified, dissected, and monitored.

On March 25th, Under Armour was made aware that they had an unauthorized party gain access and acquire data associated with 150 million MyFitnessPal user accounts. The information they could’ve gathered includes, but is not limited to, usernames, email addresses, and hashed passwords. What are hashed passwords? Hashed passwords, from a high level, happen when passwords are ran through a mathematical function to create an encrypted version and a message authentication code (MAC) of a plaintext password. In MyFitnessPal’s case, they used a bcrypt hashing function, the same type that was used by formerly hacked Ashley Madison. After the Ashley Madison hack, the entire database and all password hashes were made available to the hackers of the world and now they have the password hashes of MyFitnessPal too. What does this mean for those of you that have an account on MyFitnessPal?

(Image via Reddit) It’s the holiday season and that means more people are traveling and spending time in airports, bus/train stations, and generally wondering if the next stop, coffee shop or store has free Wi-Fi. The habitual curiosity is understandable – why use your cell data when you can hook up to a free connection to the web, right? In fact, there’s always a couple of questions I seem to get on this subject when people find out I’m a security professional. They are: What do you think about public Wi-Fi? Is free Wi-Fi safe to use? Is it ok to use the Wi-Fi at the airport?

The holiday season means holiday shopping and while everyone will be looking for a bargain, it’s important to make sure you don’t get something you weren’t bargaining for. A new study from ADI predicts that this holiday shopping season will be the first to break $100 billion in online sales, with more than half of those sales coming from mobile devices. Here are some online shopping safety tips:

Twinkle, Twinkle, little star, How I wonder what you are! Up above the world so high, Like an Access Point providing Wi-Fi!

We are quickly entering a time in which the laws and regulations are outpaced by the exponential growth of technology. Who will be held accountable when an IMD (Implantable Medical Device) -- such as an ICD (Implantable Cardioverter Defibrillators) -- with Wi-Fi connectivity receives an erroneous data transmission from a spoofed doctor’s account changing the patient's normal heart rhythm for an abnormal one?