What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-10-16 11:41:41 | Equifax a condamné à une amende de 13,5 millions de dollars par rapport à la violation de données 2017 Equifax Fined $13.5 Million Over 2017 Data Breach (lien direct) |
> La Watchdog financier de l'UK \'s FCA impose A & Pound; 11 millions (environ 13,5 millions de dollars) amende à Equifax sur la violation de données de 2017.
>UK\'s financial watchdog FCA imposes a £11 million (approximately $13.5 million) fine to Equifax over the 2017 data breach. |
Data Breach Legislation | Equifax | ★★ |
|
2023-02-01 12:00:00 | Cyber Insights 2023: ICS and Operational Technology (lien direct) | >The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while cybercriminals have had their restraints reduced. | Industrial | Equifax | ★★★ |
|
2021-04-08 15:06:39 | Library Dependencies and the Open Source Supply Chain Nightmare (lien direct) | 
It's a bigger problem than is immediately apparent, and has the potential for hacks as big as Equifax and as widespread as SolarWinds.
|
Equifax Equifax | ||
|
2021-01-08 19:00:08 | Equifax Buys Fraud Prevention Firm Kount in $640 Million Deal (lien direct) | Equifax on Friday announced plans to shell out $640 million to acquire Kount, a company that sells e-commerce retail fraud protection. The Atlanta, Ga.-based Equifax said the deal would expand its worldwide footprint in digital identity and fraud prevention solutions. | Equifax Equifax | ||
|
2019-09-20 15:43:55 | 200,000 Sign Petition Against Equifax Data Breach Settlement (lien direct) | 200,000 Sign Petition to "Force Equifax to Pay for Their Greed" | Data Breach | Equifax | |
|
2019-08-05 16:25:04 | ID Theft Stings, But it\'s Hard to Pin on Specific Data Hacks (lien direct) | Equifax 2017. Marriott 2018. Capital One 2019. | Data Breach | Equifax | |
|
2019-08-01 15:20:05 | FTC Warns Cash Option May be Small for Equifax Settlement (lien direct) | The Federal Trade Commission on Wednesday told consumers affected by the Equifax data breach that they are unlikely to get the full $125 cash payment that many sought. | Data Breach | Equifax | |
|
2019-07-22 13:16:00 | Equifax to Pay up to $700 Million to Consumers, Authorities Over 2017 Breach (lien direct) | Equifax and U.S. government agencies announced on Monday that the credit reporting agency is prepared to pay up to $700 million to settle charges related to the massive 2017 data breach that impacted roughly 147 million people. | Equifax | ||
|
2019-06-28 04:58:04 | Former Equifax Executive Gets 4 Months for Insider Trading (lien direct) | A former Equifax executive who sold stock a week and a half before the company announced a massive data breach was sentenced Thursday to serve four months in federal prison for insider trading. | Data Breach | Equifax | |
|
2019-06-17 14:19:00 | Federal Agencies Still Using Knowledge-Based Identity Verification (lien direct) | Some U.S. government agencies still rely on knowledge-based identity verification despite the fact that this system has been easy to beat following the massive data breaches suffered by the Office of Personnel Management (OPM) and Equifax | Equifax | ||
|
2019-05-23 12:04:01 | Moody\'s Downgrades Equifax Outlook to Negative Over 2017 Data Breach (lien direct) | Moody's has revised its Equifax outlook from stable to negative, citing the effect of the 2017 data breach. This is the first time that a cybersecurity incident has resulted in a Moody's outlook downgrading. | Data Breach | Equifax | |
|
2019-03-11 16:31:00 | Equifax Was Aware of Cybersecurity Weaknesses for Years, Senate Report Says (lien direct) | The massive Equifax data breach that impacted 148 million Americans in 2017 was the result of years of poor cybersecurity practices, a new Staff Report from the United States Senate's Permanent Subcommittee on Investigations reveals. | Data Breach | Equifax | |
|
2018-12-12 15:58:01 | U.S. House Report Blasts Equifax Over Poor Security Leading to Massive 2017 Breach (lien direct) | Equifax Could Have Prevented Massive Data Breach, Report From U.S. House Says | Equifax | ||
|
2018-10-18 04:43:01 | Ex-Equifax Manager Gets Home Confinement for Insider Trading (lien direct) | A former Equifax manager was sentenced Tuesday to serve eight months home confinement for engaging in insider trading in the wake of the company's massive data breach last year. | Data Breach | Equifax | |
|
2018-09-10 11:43:01 | Attackers Made 9,000 Unauthorized Database Queries in Equifax Hack: Report (lien direct) | It took Equifax 76 days to detect the massive 2017 data breach, despite the fact that attackers had conducted roughly 9,000 unauthorized queries on its databases, according to a new report from the U.S. Government Accountability Office (GAO). | Equifax | ||
|
2018-08-27 17:07:03 | Cyber Risk = Business Risk. Time for the Business-Aligned CISO (lien direct) | Data breaches, ransomware and other cyber attacks causing massive reputation issues (Equifax), knocking down merger prices (Yahoo!) or interrupting operations on a global scale (the NotPetya virus victims), have elevated cybersecurity concerns from the server room to the boardroom. | Ransomware | NotPetya Equifax Yahoo | |
|
2018-06-29 13:18:04 | Former Equifax Manager Charged With Insider Trading (lien direct) | US securities regulators announced insider trading charges on Thursday against a former Equifax manager who sold shares in the company before it disclosed a giant data breach. | Equifax | ||
|
2018-04-13 16:10:02 | Illumio, Qualys Partner on Vulnerability-based Micro-Segmentation (lien direct) | Vulnerability management has two major components: discovering vulnerabilities, and mitigating those vulnerabilities. The first component is pointless without the second component. So, for example, Equifax, WannaCry, NotPetya, and many other breaches -- if not most breaches -- are down to a failure to patch, which is really a failure in vulnerability management. | NotPetya Wannacry Equifax | ||
|
2018-04-02 15:25:00 | Saks, Lord & Taylor Stores Hit by Data Breach (lien direct) | A data breach at Saks Fifth Avenue and Lord & Taylor stores in North America exposed customer payment card data, parent company Hudson's Bay Company (HBC) announced on Sunday. The hack, which also impacted its discount store brand Saks OFF 5TH, did not appear to affect HBC's e-commerce or other digital platforms. “We identified the issue, took steps to contain it, and believe it no longer poses a risk to customers shopping at our stores,” the announcement said. “We are working rapidly with leading data security investigators to get our customers the information they need, and our investigation is ongoing. We also are coordinating with law enforcement authorities and the payment card companies,” it added. According to cybersecurity research and threat intelligence firm Gemini Advisory, a cybercrime marketplace called JokerStash announced that over five million stolen credit and debit cards were for sale, which it says were likely stolen from HBC's stores. “In cooperation with several financial organizations, we have confirmed with a high degree of confidence that the compromised records were stolen from customers of Saks Fifth Avenue and Lord & Taylor stores,” Gemini said in a blog post, adding that the window of compromise was estimated to be May 2017 to present.” As of Sunday, roughly 125,000 records had been released for sale so far, Gemini said, with the “entire cache” expected to become available in the following months. HBC did not provide details on the number of customers/records impacted in the incident. “The Company is working rapidly with leading data security investigators to get customers the information they need, and the investigation is ongoing. HBC is also coordinating with law enforcement authorities and the payment card companies,” HBC said. “The details of how these cards were stolen remains unclear at this time, but it's important that we learn what happened so that others can work to prevent similar breaches," commented Tim Erlin, VP, product management and technology at Tripwire. "This appears to be the type of breach, through point-of-sale systems, that EMV is supposed to prevent, so we need to ask what happened here. Was EMV in use, and if so, how did the attackers circumvent it? | Guideline | Equifax | |
|
2018-03-29 21:50:00 | Under Armour Says 150 Million Affected in Data Breach (lien direct) | 
Sports gear maker Under Armour said Thursday a data breach of its fitness application was hacked, affecting some 150 million user accounts.
The Baltimore, Maryland-based company said it had contacted law enforcement and outside consultants after learning of the breach.
Under Armour said it learned on March 25 of the breach of its MyFitnessPal application, which enables users to track activity and calorie intake using a smartphone.
It said an unauthorized party obtained usernames, email addresses, and "hashed" passwords, which make it harder for a hacker to ascertain.
The hack did not affect social security numbers, drivers licenses or credit card data, according to the company.
"The company's investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue," a statement said.
Users were being notified by email and messaging to update settings to protect account information.
The attack is the latest affecting companies with large user bases such as Yahoo, retailer Target and credit reporting agency Equifax.
|
Equifax Yahoo | ||
|
2018-03-27 11:20:03 | Why Does Data Exfiltration Remain an Almost Unsolvable Challenge? (lien direct) | From hacked IoT devices to corporate infrastructures hijacked for crypto-mining to automated ransomware, novel and sophisticated cyber-attacks are notoriously hard to catch. It is no wonder that defending against these silent and never-seen-before threats dominates our security agendas. But while we grapple with the challenge of detecting the unknown, data exfiltration - an old and very well-known risk - doesn't command nearly the same amount of attention. Yet data exfiltration happens, and it happens by the gigabyte.
As attackers improve their methods of purloining the sensitive data we trust our organizations to keep safe, one critical question remains: why does data exfiltration present the security community with such a formidable challenge?
Gigawatts and Flux Capacitors. Let's go Back in Time.
All data exfiltration attacks share one common trait: the early warning signs of anomalous activity on the network were present but traditional security failed to catch them. Regardless of level of subtlety, or the number of devices involved, perimeter tools missed the window of opportunity between impact and unauthorized data transfer – allowing for hundreds of gigabytes of data to be exfiltrated from the organization.
The Sony hack of 2014 brought the world to a startling halt when it was revealed that attackers had spent over a year leaking 100 terabytes of data from the network. The next year brought us the Panama Papers, where allegedly 2.6 terabytes of data were leaked, causing reputational damage to some of the world's most recognizable public figures. And in 2016, allegedly 80 gigabytes of data escaped from the Democratic National Committee's network, launching two years of skepticism and distrust around the US elections. Each of these cases of sizeable data exfiltration remained undetected for months, or even years – only to be discovered when the data had already long been lost.
When we look at this cycle of stealthy and silent data breaches, we have to ask ourselves: how can such tremendous amounts of data leave our corporate networks without raising any alarms?
Modern Networks: Living Organisms
The challenge in identifying indicators of data exfiltration lies partly in the structure of today's networks. As our businesses continue to innovate, we open the door to increased digital complexity and vulnerability – from BYOD to third party supply chains, organizations significantly amplify their cyber risk profile in the name of optimal efficiency.
Against this backdrop, our security teams are hard-pressed to identify the subtle telling signs of a data exfiltr |
Equifax | ||
|
2018-03-26 15:27:02 | One Year Later, Hackers Still Target Apache Struts Flaw (lien direct) | One year after researchers saw the first attempts to exploit a critical remote code execution flaw affecting the Apache Struts 2 framework, hackers continue to scan the Web for vulnerable servers. The vulnerability in question, tracked as CVE-2017-5638, affects Struts 2.3.5 through 2.3.31 and Struts 2.5 through 2.5.10. The security hole was addressed on March 6, 2017 with the release of versions 2.3.32 and 2.5.10.1. The bug, caused due to improper handling of the Content-Type header, can be triggered when performing file uploads with the Jakarta Multipart parser, and it allows a remote and unauthenticated attacker to execute arbitrary OS commands on the targeted system. The first exploitation attempts were spotted one day after the patch was released, shortly after someone made available a proof-of-concept (PoC) exploit. Some of the attacks scanned servers in search of vulnerable Struts installations, while others were set up to deliver malware. Guy Bruneau, researcher and handler at the SANS Internet Storm Center, reported over the weekend that his honeypot had caught a significant number of attempts to exploit CVE-2017-5638 over the past two weeks. The expert said his honeypot recorded 57 exploitation attempts on Sunday, on ports 80, 8080 and 443. The attacks, which appear to rely on a publicly available PoC exploit, involved one of two requests designed to check if a system is vulnerable. Bruneau told SecurityWeek that he has yet to see any payloads. The researcher noticed scans a few times a week starting on March 13, coming from IP addresses in Asia. “The actors are either looking for unpatched servers or new installations that have not been secured properly,” Bruneau said. The CVE-2017-5638 vulnerability is significant as it was exploited by cybercriminals last year to hack into the systems of U.S. credit reporting agency Equifax. Attackers had access to Equifax systems for more than two months and they managed to obtain information on over 145 million of the company's customers. The same vulnerability was also leveraged late last year in a campaign that involved NSA-linked exploits and cryptocurrency miners. | Guideline | Equifax | |
|
2018-03-23 12:42:03 | Pwner of a Lonely Heart: The Sad Reality of Romance Scams (lien direct) | Valentine's Day is a special holiday, but for victims of romance scams it is a tragic reminder, not only of love lost, but financial loss as well. According to the FBI Internet Crime Complaint Center (IC3), romance scams accounted for $230 million in losses in 2016.
Men and women may jokingly refer to their significant other as their “partner in crime,” but when it comes to romance scams, this joke may become a sad reality. In additional to financial losses, many scammers may convince their victims to become money mules or shipping mules, directly implicating them in illegal behavior.
Recently, Agari researchers identified a woman in Los Angeles that has sent nearly half a million dollars to a scammer that she has never even met. Even worse, this woman knowingly cashes bad checks and fake money orders on his behalf. The FBI has warned her to stop, yet it is unlikely she will do so.
The victims of romance scams are typically women in their 40s to 50s, usually divorced or widowed and looking for a new relationship. They are targeted by scam artists on dating web sites, who have the ability to refine their searches for women that fit their target demographics.
The scam artists create profiles of charming and successful men to engage these lonesome women. Dating sites frequently ask what women are looking for in a partner, so it is easy for the scammer to say exactly what they need to seem like “Mr. Right.”
Once these scammers engage with their victims, there are an inevitable variety of excuses why they can't meet – claims of overseas military service or mission trips are common, and help to further cement the supposed righteousness of the scammer. After a few months of correspondence, the scammer will claim a supposed tragedy: a lost paycheck or medical fees are common – and request a small loan. The typical loss in these scams is $14,000, not to mention the considerable psychological damage – victims of romance scams frequently withdraw from their social circles, embarrassed by the stigma.
Even worse, such as the case of our anonymous victim, some of these scams can continue on for years, with frequent requests for financial support. Once trust is established with their victims, these scammers may also to begin to use them as “mules” to cash fake checks, make deposits, accept shipment of stolen goods, and more. In the case of our anonymous victim, her family has pleaded with her to stop sending her suitor more money, and the FBI has warned her that her behavior is illegal; and yet she persists.
|
Guideline | Equifax Yahoo | |
|
2018-03-21 01:24:01 | (Déjà vu) AMD Says Patches Coming Soon for Chip Vulnerabilities (lien direct) | AMD Chip Vulnerabilities to be Addressed Through BIOS Updates - No Performance Impact Expected
After investigating recent claims from a security firm that its processors are affected by more than a dozen serious vulnerabilities, chipmaker Advanced Micro Devices (AMD) on Tuesday said patches are coming to address several security flaws in its chips.
In its first public update after the surprise disclosure of the vulnerabilities by Israeli-based security firm CTS Labs, AMD said the issues are associated with the firmware managing the embedded security control processor in some of its products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors.
CTS Labs, which was unheard of until last week, came under fire shortly after its disclosure for giving AMD only a 24-hour notice before going public with its findings, and for apparently attempting to short AMD stock. The company later made some clarifications regarding the flaws and its disclosure method.
CTS Labs claimed that a number of vulnerabilities could be exploited for arbitrary code execution, bypassing security features, stealing data, helping malware become resilient against security products, and damaging hardware.
“AMD has rapidly completed its assessment and is in the process of developing and staging the deployment of mitigations,” the chipmaker wrote in an update on Tuesday. “It's important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings.”
AMD said that patches will be released through BIOS updates to address the flaws, which have been dubbed MASTERKEY, RYZENFALL, FALLOUT and CHIMERA. The company said that no performance impact is expected for any of the forthcoming mitigations.
AMD attempte |
Guideline | Equifax | |
|
2018-03-20 20:26:04 | Virsec Raises $24 Million in Series B Funding (lien direct) | Virsec, a cybersecurity company that protects applications from various attacks, today announced that it has closed a $24 million Series B funding round led by tech investment firm BlueIO.
This latest funding round brings the total amount raised to-date by the company to $32 million. The company previously raised $1 million in seed funding and $7 million in a Series A funding round.
Virsec explains that its technology can protect applications by protecting processes in memory and pinpointing attacks in real-time, within any application. In more detail, the company explains that its Trusted Execution technology “maps acceptable application execution, and instantly detects deviations caused by attacks.”
“The battleground has shifted in cybersecurity and the industry is not keeping up,” said Atiq Raza, CEO of San Jose, California-based Virsec. “With our deep understanding of process memory, control flow, and application context, we have developed a revolutionary solution that stops attacks in their tracks, where businesses are most vulnerable – within applications and processes.”
Additional investors participating in the round include Artiman Ventures, Amity Ventures, Raj Singh, and Boston Seed Capital.
|
Guideline | Equifax | |
|
2018-03-15 01:38:04 | Palo Alto Networks to Acquire CIA-Backed Cloud Security Firm Evident.io for $300 Million (lien direct) | Network security firm Palo Alto Networks (NYSE: PANW) on Wednesday said that it has agreed to acquire cloud security and compliance firm Evident.io for $300 million in cash.
Palo Alto Networks currently has several security offerings that cater to cloud environments, including its VM-Series virtualized next-generation firewalls, API-based security for public cloud services infrastructure, and Traps for host-based security.
Pleasanton, Calif.-based Evident.io's flagship Evident Security Platform (ESP) helps customers reduce cloud security risk by minimizing the attack surface and improving overall security posture. ESP can continuously monitor AWS and Microsoft Azure deployments, identify and assess security risks, provide security teams with remediation guidance, along with providing security auditing and compliance reporting by analyzing configurations of services and account settings against security and compliance controls.
“Once integrated with the Palo Alto Networks cloud security offering, customers will be able to use a single approach to continuous monitoring, comprehensive storage security, and compliance validation and reporting,” explained Tim Prendergast, CEO & Co-Founder of Evident.io.
Evident.io is backed by Bain Capital Ventures, True Ventures, Venrock, Google Ventures, and In-Q-Tel, the not-for-profit venture capital arm of the CIA.
The acquisition is expected to close during Palo Alto Networks fiscal third quarter, subject to satisfaction of customary closing conditions.
Evident.io's co-founders, Tim Prendergast and Justin Lundy, will join Palo Alto Networks.
|
Guideline | Equifax | |
|
2018-03-14 15:17:04 | Former Equifax CIO Charged With Insider Trading (lien direct) | The United States Securities and Exchange Commission (SEC) said it has charged Jun Ying, former chief information officer (CIO) of a business unit of Equifax, with insider trading in connection with the massive data breach disclosed in late 2017 that put millions of customers at risk. The SEC alleges that before Equifax's public disclosure of the breach in September 2017, Ying exercised all of his vested Equifax stock options and then sold the shares, taking proceeds of roughly $1 million. By selling his shares before public disclosure of the data breach, Ying avoided more than $117,000 in losses, the SEC says. According to the SEC's complaint, Jun Ying, who reportedly was next in line to be the company's global CIO, allegedly used confidential information provided to him by the company to conclude that Equifax had suffered a serious breach that exposed sensitive personal information of more than 148 million U.S. customers. The Atlanta-based company has been under fire for not explaining why it waited more than a month to warn affected customers about a risk of identity theft and fraud. Questions were also raised after four Equifax executives sold stock worth $1.8 million just prior to public disclosure of the hack. Equifax claimed that the execs had been unaware of the breach when they sold shares. “As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC's Atlanta Regional Office. “Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.” Ying has been charged with violating the antifraud provisions of the federal securities laws and seeks repayment of ill-gotten gains plus interest, penalties, and injunctive relief. “Upon learning about Mr. Ying's August sale of Equifax shares, we launched a re | Guideline | Equifax | |
|
2018-03-13 15:50:02 | (Déjà vu) Usual Threats, But More Sophisticated and Faster: Report (lien direct) | Almost Every Type of Cyber Attack is Increasing in Both Volume and Sophistication Eight new malware samples were recorded every second during the final three months of 2017. The use of fileless attacks, primarily via PowerShell, grew; and there was a surge in cryptocurrency hijacking malware. These were the primary threats outlined in the latest McAfee Lab's Threat Report (PDF) covering Q4 2017. The growth of cryptomining malware coincided with the surge in Bitcoin value, which peaked at just under $20,000 on Dec. 22. With the cost of dedicated mining hardware at upwards of $5,000 per machine, criminals chose to steal users' CPU time via malware. It demonstrates how criminals always follow the money, and choose the least expensive method of acquiring it with the greatest chance of avoiding detection. Since December, Bitcoin's value has fallen to $9,000 (at the time of publishing). Criminals' focus on Bitcoin is likewise being modified, with Ethereum and Monero becoming popular. Last week, Microsoft discovered a major campaign focused on stealing Electroneum. "We currently see discussions in underground forums that suggest moving from Bitcoin to Litecoin because the latter is a safer model with less chance of exposure," comments Raj Samani, chief scientist and McAfee fellow with the Advanced Threat Research Team. The speed with which criminals adapt to their latest market conditions is also seen in the way they maximize their asymmetric advantage. "Adversaries," writes Samani, "have the luxury of access to research done by the technical community, and can download and use opensource tools to support their campaigns, while the defenders' level of insight into cybercriminal activities is considerably more limited, and identifying evolving tactics often must take place after malicious campaigns have begun." Examples of attackers making use of legitimate research include Fancy Bear (APT28) leveraging a Microsoft Office Dynamic Data Exchange technique in November 2017 that had been made public just a few we | NotPetya Equifax APT 28 | ||
|
2018-03-02 03:26:02 | Equifax Identifies 2.4 Million More Affected by Massive Hack (lien direct) | US credit bureau Equifax said Thursday it identified an additional 2.4 million American consumers affected by last year's massive data breach that sparked a public outcry and a congressional probe. | Equifax | ||
|
2018-02-12 10:07:33 | New Details Surface on Equifax Breach (lien direct) | Documents provided recently by Equifax to senators revealed that the breach suffered by the company last year may have involved types of data not mentioned in the initial disclosure of the incident. | Equifax | ||
|
2018-01-11 18:05:46 | Proposed Legislation Would Create Office of Cybersecurity at FTC (lien direct) | Punitive Data Breach Legislation Proposed Post-Equifax | Equifax | ||
|
2017-12-07 18:32:22 | The Cumulative Effect of Major Breaches: The Collective Risk of Yahoo & Equifax (lien direct) | Until quite recently, people believed that a dizzying one billion accounts were compromised in the 2013 Yahoo! breach… and then it was revealed that the real number is about three billion accounts. That raises the question: so what? Isn't all the damage from a four-year-old breach already done? | Equifax Yahoo | ||
|
2017-12-01 18:42:44 | Senators Propose New Breach Notification Law (lien direct) | Senators Propose New Data Protection Bill Following Equifax and Uber Breaches | Equifax Uber | ||
|
2017-11-21 19:49:51 | House Committees Get Serious in New Letter to Equifax (lien direct) | The chairpersons of the House Science, Space, and Technology Committee and the House Oversight and Government Reform Committee on Monday sent a new letter (PDF) to Paulino Barros, the interim CEO of Equifax. | Equifax | ||
|
2017-11-03 16:19:24 | Equifax Says Execs Unaware of Hack When They Sold Stock (lien direct) | Equifax said Friday an internal review found that four executives who sold shares ahead of disclosure of a massive data breach at the credit agency were unaware of the incident ahead of the sale. | Equifax | ||
|
2017-11-03 14:28:56 | New York State Proposes Stricter Data Protection Laws Post Equifax (lien direct) | New York State Attorney General Eric T. Schneiderman introduced new legislation Thursday, designed to protect New Yorkers from corporate data breaches like the recent Equifax breach that affected more than 145 million Americans, including 8 million New York residents. Its purpose is to increase the security of private information in a business-friendly manner. | Equifax | ||
|
2017-10-24 13:55:15 | UK Probes Equifax Hacking (lien direct) | Britain's financial watchdog on Tuesday said it was investigating a massive hack of the US consumer credit rating service Equifax that affected potentially almost 700,000 British customers. | Equifax | ||
|
2017-10-20 15:46:03 | EquiFIX - Lessons Learned From the Most Impactful Breach in U.S. History (lien direct) | While Equifax is the latest major data breach to hit the headlines, we know it will not be the last. How prepared is your organization if you were similarly targeted? | Equifax | ||
|
2017-10-18 16:23:22 | Equifax Hack: Keep Your Friends Close, but Your Supply Chain Closer (lien direct) | After more than 145 million customer records were compromised in the Equifax data breach, the company's stock plummeted by more than 30 percent. That amounted to market capitalization losses north of $5 billion. | Equifax | ||
|
2017-10-18 08:12:17 | Many Equifax Hack Victims Had Info Stolen Prior to Breach: IRS (lien direct) | The U.S. Internal Revenue Service (IRS) believes the recent Equifax breach will not make a significant difference in terms of tax fraud considering that many victims already had their personal information stolen prior to the incident. | Equifax | ||
|
2017-10-13 12:44:08 | Data Sample in Equifax Hack Scam Possibly From Third-Party Servers (lien direct) | A data sample provided last month by scammers trying to make a profit by claiming to have breached U.S. credit reporting agency Equifax may have been obtained from unprotected Amazon Web Services (AWS) instances owned by a different company. | Equifax | ||
|
2017-10-13 07:36:21 | Malicious Redirects on Equifax, TransUnion Sites Caused by Third-Party Script (lien direct) | Two of the “Big Three†U.S. credit reporting agencies, Equifax and TransUnion, were hit by a cybersecurity incident caused by the use of a third-party web analytics script. | Equifax | ||
|
2017-10-12 15:41:06 | Equifax Website Redirects Users to Adware, Scams (lien direct) | A security researcher noticed recently that an Equifax service designed for obtaining free and discounted credit reports had been redirecting users to websites set up to serve adware and scams. | Equifax | ||
|
2017-10-10 22:14:24 | Nearly 700,000 UK Nationals Affected by Equifax Breach: Company (lien direct) | Nearly 700,000 British consumers may have had personal data compromised in the massive breach at Equifax, the US credit reporting agency said Tuesday. "Although our UK business was not breached, the attack regrettably compromised the personal information of a range of UK consumers," the company said in an emailed statement. | Equifax | ||
|
2017-10-05 14:48:47 | How Secure Are We? Preventing a Breach when Everything is Breachable (lien direct) | The recent | Equifax | ||
|
2017-10-02 21:16:53 | Equifax Breach Bigger Than Initially Reported (lien direct) | Number of U.S. Consumers Exposed by Equifax Breach Increased by 2.5 Million | Equifax | ||
|
2017-10-02 19:41:28 | Equifax Warned About Vulnerability, Didn\'t Patch It: Ex-CEO (lien direct) | The security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw, opening up the credit agency to a breach affecting 143 million people, the former chief executive said Monday. | Equifax | ||
|
2017-09-28 12:52:26 | GDPR - Not Just a European Concern (lien direct) | The recent Equifax breach that has been all over the news raises an interesting question: How would the situation have played out if it was after May 25, 2018 when the new General Data Protection Regulations (GDPR) are due to come into force? While none of us has a crystal ball, we can bet the outcome for Equifax would be even worse. | Equifax | ||
|
2017-09-26 13:39:22 | Equifax CEO Steps Down After Massive Data Breach (lien direct) | Equifax CEO Richard Smith Steps Down After Massive Data Breach, Will Not Get Annual Bonus | Equifax | ||
|
2017-09-21 09:53:42 | Equifax Sent Breach Victims to Fake Website (lien direct) | Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. | Equifax |
To see everything:
Our RSS (filtrered)
