What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru 2018-07-04 14:18:02 A cybersecurity fund has returned more than 30 percent since the Equifax data breach (direct link) As the rest of the stock market has struggled on heightened trade rhetoric and many big technology companies have faced regulatory scrutiny over data privacy issues, one subsector of that industry has been on fire: cybersecurity. Companies in the fund include Palo Alto Networks, Fortinet, FireEye, Juniper Networks, CyberArk Software, Symantec and Cisco. Gartner recently ... Data Breach Equifax ★★
no_ico 2018-06-29 15:15:05 Data Aggregation Firm Leaks 340M Records - Left In Plain Sight (direct link) Exactis said to have exposed data of 340M people, more than the Equifax breach. Similar to many recently-disclosed breaches, the information was left on a publicly accessible server… no need to beat that dead horse, but the 2 terabytes worth of data appears to go into excruciating detail for each individual listed, including phone numbers, home … Equifax
SecurityWeek 2018-06-29 13:18:04 Former Equifax Manager Charged With Insider Trading (direct link) US securities regulators announced insider trading charges on Thursday against a former Equifax manager who sold shares in the company before it disclosed a giant data breach. Equifax
DarkReading 2018-06-29 11:15:00 Equifax Software Manager Charged with Insider Trading (direct link) Sudhakar Reddy Bonthu used insider information about the company's 2017 data breach to profit in a stock transaction. Data Breach Equifax
bleepingcomputer 2018-06-28 12:50:01 Equifax Engineer Who Designed Breach Website Charged With Insider Trading (direct link) The US Securities and Exchange Commission (SEC) has indicted a former Equifax engineer on charges of insider trading. [...] Equifax
DarkReading 2018-06-28 11:33:00 Newly Revealed Exactis Data Leak Bigger Than Equifax's (direct link) Marketing data firm left its massive database open to the Internet. Equifax
CSO 2018-06-18 03:00:00 Does cyber insurance make us more (or less) secure? (direct link) If data is the new oil, then we're looking at pelicans soaked in crude on a beach. When an oil tanker goes down or an oil rig explodes, dumping millions of gallons of petroleum into the ocean, we clean up the spill, we look for first causes, and we hold the company - even individuals - responsible for the harm they've caused to a shared resource: the environment we all live in. When a company like Equifax commits gross negligence by failing to secure our data, and a breach pumps 147.9 million records onto the internet, the company's directors keep their jobs, their cyber insurance policy pays out, and the company posts a profit. Equifax APT 32
Kaspersky 2018-06-15 21:45:00 Vermont Librarian Wins Small-Claims Suit Against Equifax (direct link) In a David-and-Goliath moment, the 49-year-old librarian has won satisfaction in the wake of Equifax's head-spinningly massive 2017 data breach. Equifax
Chercheur 2018-06-13 20:14:04 Librarian Sues Equifax Over 2017 Data Breach, Wins $600 (direct link) In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. The 49-year-old librarian from a tiny town in Vermont took Equifax to court. And now she's celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach. Equifax
SecureMac 2018-06-07 16:37:02 Checklist 92: Is There a Plumber in the Building? (direct link) In many of our recent episodes, we’ve spent plenty of time talking about data breaches, a subject that often dominates security conversations these days. For good reason, too, as everyone from major credit bureaus such as Equifax to retail store chains has lost or mishandled user information in recent years. Data breaches aren’t the only way your personal information ends up in the hands of people who might not ... Equifax
Kaspersky 2018-06-05 21:12:03 DNA Testing Service MyHeritage Leaks User Data of 92 Million Customers (direct link) An unspecified "private" server was found with the account data of users who signed up for the service, in the largest breach since Equifax last year. Equifax Heritage
ESET 2018-05-18 12:01:01 Open source code is ubiquitous and so are many vulnerabilities (direct link) One-third of audited codebases that contain Apache Struts suffer from the same vulnerability that facilitated the Equifax hack a year ago. Equifax
ZDNet 2018-05-15 13:00:00 Open-source vulnerabilities plague enterprise codebase systems (direct link) Vulnerabilities including the bug reportedly responsible for Equifax's data breach are still common elements of open-source systems used in the enterprise. Equifax
itsecurityguru 2018-05-11 09:58:03 Equifax now says some passport info was stolen in breach (direct link) Equifax acknowledged a relatively small number of passport images and information were stolen as part of last year's security breach, despite previously denying such a thing occurred. Original source: NY Post. Equifax
no_ico 2018-05-09 10:30:05 Equifax Revelation (direct link) Equifax
Kaspersky 2018-05-08 16:45:05 “Equi-Facts”: Equifax Clarifies the Numbers for Its Massive Breach (direct link) As companies continue to install the vulnerable version of Apache Struts behind the breach, Equifax has filed a clarification statement. Equifax
ZDNet 2018-05-08 14:43:00 Here's how the Equifax breach breaks down, by the numbers (direct link) Equifax said in a regulatory filing how much of its data sets were stolen in the 2017 breach. Equifax
ZDNet 2018-05-07 16:43:00 After Equifax breach, major firms still rely on same flawed software (direct link) At least seven tech giants still use the vulnerable software that hackers exploited to attack Equifax last year. Equifax
itsecurityguru 2018-04-26 09:49:02 Equifax has spent $242.7 million on its data breach so far (direct link) Equifax’s first quarter earnings report highlighted expenses due to its September 2017 data breach and how the spending is shifting more toward IT and security. In its first quarter earnings report, Equifax outlined that it spent $45.7 million for the three months ended March 31 on IT and data security. The company has been staffing ... Equifax
AlienVault 2018-04-19 13:00:00 Let's be Fools (direct link) The Roman poet Lucretius once wrote: “A fool believes that the tallest mountain in the world will be equal to the tallest one he has observed.” Translation? He’s essentially saying that our lived experiences define our perspectives. They warp our sense of scale like a bit of plastic in the microwave, moulding what we consider to be large and small. As someone with years of experience in the security industry, and the cynicism and grey hair to prove it, I’ve got a lot of appreciation for this. Remember in 2010 when the hacker group Goatse Security (please don’t google the first word in that name) penetrated the heart of AT&T’s servers and acquired the email addresses of over 100,000 iPad users? Man, 2010 was a different time. The AT&T iPad hack was a major news story, and rightfully so. I distinctly remember thinking that 100,000 victims was pretty big. Now, in light of the Ashley Madison and Equifax hacks, it almost seems quaint. What I’m saying is that my perspective of what constitutes a major incident has shifted. I noticed that earlier this week when a jewelry retailer in the US accidentally leaked the details of 1.3 million customers. This happened because it committed one of the most basic of security schoolboy errors, and failed to secure the Amazon S3 bucket where it kept its database backups. 1.3 million? Yawn. I don’t get out of bed for less than 100 million. And while I struggle to imagine a data breach greater in size than the 2016 release of over 300 million MySpace users, or more damaging than the 2017 Equifax hack, I know this is inevitable, even if I can’t actually visualize it in my mind’s eye. But, like, what if it’s better to be fools? We live in interesting times. Security breaches are no longer measured in the millions, but in the hundreds of millions of records. It’s only a matter of time until the first billion-victim data leak happens. The smaller leaks (and apparently anything less than 10 million constitutes a “smaller leak”) barely warrant a mention. But what about the big ones? After every major incident there’s the trifecta of outrage, blame, and calls for consequences, but that eventually settles down into apathetic acceptance. Remember when everyone was really upset about the Ashley Madison hack, and then forgot about it? Remember when everyone was really upset about the LinkedIn hack, and then forgot about it? Remember when everyone was really upset about the Equifax hack, and then forgot about it? And let me ask one last question: are we any better for having done so? Are companies still making silly security mistakes? Has there been any change at the government level? Any new laws passed? Has anyone gone to jail for having screwed up in such an egregious manner? Perhaps it’s time to treat all security breaches -- all security breaches, but especially the big ones -- as the biggest mountains we’ve ever seen, because change isn’t going to happen any other way. I, for one, think it’s better to be a fool. Who’s with me? Equifax
SecurityWeek 2018-04-13 16:10:02 Illumio, Qualys Partner on Vulnerability-based Micro-Segmentation (direct link) Vulnerability management has two major components: discovering vulnerabilities, and mitigating those vulnerabilities. The first component is pointless without the second component. So, for example, Equifax, WannaCry, NotPetya, and many other breaches -- if not most breaches -- are down to a failure to patch, which is really a failure in vulnerability management. NotPetya Wannacry Equifax
itsecurityguru 2018-04-06 11:26:00 State AG's Equifax case may portend big problems for data breach defendants (direct link) We may be on the verge of a breakthrough in data breach litigation. A state judge in Massachusetts ruled Wednesday that the Massachusetts Attorney General can move forward with a potentially gigantic data breach case against the credit reporting firm Equifax. The AG, Maura Healey, is asking for statutory damages under Massachusetts consumer and data ... Equifax ★★★
grahamcluley 2018-04-04 13:27:00 Don't blame Panera Bread's security guy just because he used to work at Equifax (direct link) Yes, we should be mad at Panera Bread for its lousy response to a serious security issue. But things turn ugly when the masses begin to blame individually-named members of the security team. Equifax
SecurityWeek 2018-04-02 15:25:00 Saks, Lord & Taylor Stores Hit by Data Breach (direct link) A data breach at Saks Fifth Avenue and Lord & Taylor stores in North America exposed customer payment card data, parent company Hudson's Bay Company (HBC) announced on Sunday. The hack, which also impacted its discount store brand Saks OFF 5TH, did not appear to affect HBC's e-commerce or other digital platforms. “We identified the issue, took steps to contain it, and believe it no longer poses a risk to customers shopping at our stores,” the announcement said. “We are working rapidly with leading data security investigators to get our customers the information they need, and our investigation is ongoing. We also are coordinating with law enforcement authorities and the payment card companies,” it added. According to cybersecurity research and threat intelligence firm Gemini Advisory, a cybercrime marketplace called JokerStash announced that over five million stolen credit and debit cards were for sale, which it says were likely stolen from HBC's stores. “In cooperation with several financial organizations, we have confirmed with a high degree of confidence that the compromised records were stolen from customers of Saks Fifth Avenue and Lord & Taylor stores,” Gemini said in a blog post, adding that the window of compromise was estimated to be May 2017 to present. As of Sunday, roughly 125,000 records had been released for sale so far, Gemini said, with the “entire cache” expected to become available in the following months. HBC did not provide details on the number of customers/records impacted in the incident. “The Company is working rapidly with leading data security investigators to get customers the information they need, and the investigation is ongoing. HBC is also coordinating with law enforcement authorities and the payment card companies,” HBC said. “The details of how these cards were stolen remain unclear at this time, but it's important that we learn what happened so that others can work to prevent similar breaches," commented Tim Erlin, VP, product management and technology at Tripwire. "This appears to be the type of breach, through point-of-sale systems, that EMV is supposed to prevent, so we need to ask what happened here. Was EMV in use, and if so, how did the attackers circumvent it?" Guideline Equifax
SecurityWeek 2018-03-29 21:50:00 Under Armour Says 150 Million Affected in Data Breach (direct link) Sports gear maker Under Armour said Thursday its fitness application was hacked in a data breach affecting some 150 million user accounts. The Baltimore, Maryland-based company said it had contacted law enforcement and outside consultants after learning of the breach. Under Armour said it learned on March 25 of the breach of its MyFitnessPal application, which enables users to track activity and calorie intake using a smartphone. It said an unauthorized party obtained usernames, email addresses, and "hashed" passwords, which are harder for a hacker to recover than plaintext ones. The hack did not affect social security numbers, drivers licenses or credit card data, according to the company. "The company's investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue," a statement said. Users were being notified by email and messaging to update settings to protect account information. The attack is the latest affecting companies with large user bases such as Yahoo, retailer Target and credit reporting agency Equifax. Equifax Yahoo
MalwarebytesLabs 2018-03-29 16:00:00 The data breach epidemic: no info is safe (direct link) By now it's obvious that data security technology hasn't kept pace with the needs of consumers. In 2017 alone, we learned about massive data breaches from major organizations like Equifax, Uber, and Verizon. In other words: We're in the midst of a data breach epidemic. Equifax Uber
SecurityWeek 2018-03-27 11:20:03 Why Does Data Exfiltration Remain an Almost Unsolvable Challenge? (direct link) From hacked IoT devices to corporate infrastructures hijacked for crypto-mining to automated ransomware, novel and sophisticated cyber-attacks are notoriously hard to catch. It is no wonder that defending against these silent and never-seen-before threats dominates our security agendas. But while we grapple with the challenge of detecting the unknown, data exfiltration - an old and very well-known risk - doesn't command nearly the same amount of attention. Yet data exfiltration happens, and it happens by the gigabyte. As attackers improve their methods of purloining the sensitive data we trust our organizations to keep safe, one critical question remains: why does data exfiltration present the security community with such a formidable challenge? Gigawatts and Flux Capacitors. Let's go Back in Time. All data exfiltration attacks share one common trait: the early warning signs of anomalous activity on the network were present but traditional security failed to catch them. Regardless of the level of subtlety, or the number of devices involved, perimeter tools missed the window of opportunity between impact and unauthorized data transfer – allowing for hundreds of gigabytes of data to be exfiltrated from the organization. The Sony hack of 2014 brought the world to a startling halt when it was revealed that attackers had spent over a year leaking 100 terabytes of data from the network. The next year brought us the Panama Papers, where allegedly 2.6 terabytes of data were leaked, causing reputational damage to some of the world's most recognizable public figures. And in 2016, allegedly 80 gigabytes of data escaped from the Democratic National Committee's network, launching two years of skepticism and distrust around the US elections. Each of these cases of sizeable data exfiltration remained undetected for months, or even years – only to be discovered when the data had already long been lost. When we look at this cycle of stealthy and silent data breaches, we have to ask ourselves: how can such tremendous amounts of data leave our corporate networks without raising any alarms? Modern Networks: Living Organisms. The challenge in identifying indicators of data exfiltration lies partly in the structure of today's networks. As our businesses continue to innovate, we open the door to increased digital complexity and vulnerability – from BYOD to third party supply chains, organizations significantly amplify their cyber risk profile in the name of optimal efficiency. Against this backdrop, our security teams are hard-pressed to identify the subtle telling signs of a data exfiltr Equifax
Blog 2018-03-27 09:36:05 Q&A: What all companies should know about their exposure to 'open-source' vulnerabilities (direct link) Hackers were able to ransack Equifax last year and steal personal data for some 144 million citizens by exploiting a vulnerability in an open source component, which the credit bureau failed to lock down. Related article: Beware of open-source vulnerabilities lurking all through your network. The hackers leveraged a vulnerability in something called Apache Struts2, […] Equifax
SecurityWeek 2018-03-26 15:27:02 One Year Later, Hackers Still Target Apache Struts Flaw (direct link) One year after researchers saw the first attempts to exploit a critical remote code execution flaw affecting the Apache Struts 2 framework, hackers continue to scan the Web for vulnerable servers. The vulnerability in question, tracked as CVE-2017-5638, affects Struts 2.3.5 through 2.3.31 and Struts 2.5 through 2.5.10. The security hole was addressed on March 6, 2017 with the release of versions 2.3.32 and 2.5.10.1. The bug, caused by improper handling of the Content-Type header, can be triggered when performing file uploads with the Jakarta Multipart parser, and it allows a remote and unauthenticated attacker to execute arbitrary OS commands on the targeted system. The first exploitation attempts were spotted one day after the patch was released, shortly after someone made available a proof-of-concept (PoC) exploit. Some of the attacks scanned servers in search of vulnerable Struts installations, while others were set up to deliver malware. Guy Bruneau, researcher and handler at the SANS Internet Storm Center, reported over the weekend that his honeypot had caught a significant number of attempts to exploit CVE-2017-5638 over the past two weeks. The expert said his honeypot recorded 57 exploitation attempts on Sunday, on ports 80, 8080 and 443. The attacks, which appear to rely on a publicly available PoC exploit, involved one of two requests designed to check if a system is vulnerable. Bruneau told SecurityWeek that he has yet to see any payloads. The researcher noticed scans a few times a week starting on March 13, coming from IP addresses in Asia. “The actors are either looking for unpatched servers or new installations that have not been secured properly,” Bruneau said. The CVE-2017-5638 vulnerability is significant as it was exploited by cybercriminals last year to hack into the systems of U.S. credit reporting agency Equifax. Attackers had access to Equifax systems for more than two months and they managed to obtain information on over 145 million of the company's customers. The same vulnerability was also leveraged late last year in a campaign that involved NSA-linked exploits and cryptocurrency miners. Guideline Equifax
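The CVE-2017-5638 item above, together with the ESET, ZDNet and Q&A items higher up about codebases that still ship the vulnerable Struts versions, boils down to two checks a defender can actually run: is the Struts 2 version in my inventory inside the affected ranges, and are the vulnerability-check requests Bruneau's honeypot saw also hitting my servers? The Python below is an added example written for this page; it is not code from SecurityWeek, SANS ISC or the Apache Struts project. The version ranges are the ones the article states. The log format, the IP addresses and the Content-Type values in the sample log are constructed, and the probe expression is a harmless placeholder that only evaluates 7*191, not a working exploit.

```python
"""Added example for this page (not code from SecurityWeek, SANS ISC or the
Apache Struts project): two checks a defender can run for CVE-2017-5638.

1. is_vulnerable_struts(version): is a Struts 2 version inside the affected
   ranges the article gives (2.3.5 to 2.3.31, 2.5 to 2.5.10; fixed in 2.3.32
   and 2.5.10.1)?
2. flag_struts_ognl_probes(log_text): scan access-log lines for the exploit
   fingerprint, an OGNL expression (%{...}) sent where a Content-Type media
   type belongs, including URL-encoded variants.
"""
import re
from urllib.parse import unquote

# Affected ranges as (low, high) inclusive, taken from the article's CVE summary.
AFFECTED_RANGES = (((2, 3, 5), (2, 3, 31)), ((2, 5), (2, 5, 10)))


def parse_version(version: str) -> tuple:
    """'2.5.10.1' -> (2, 5, 10, 1); ignores a trailing qualifier like '-rc1'."""
    m = re.match(r"(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"not a Struts version string: {version!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def is_vulnerable_struts(version: str) -> bool:
    """True when the version falls inside an affected range.

    Tuple comparison handles the fix releases correctly: (2, 5, 10, 1) sorts
    after (2, 5, 10), so 2.5.10.1 is not flagged, and 2.3.32 is past 2.3.31.
    """
    v = parse_version(version)
    return any(low <= v <= high for low, high in AFFECTED_RANGES)


# Constructed log format (an assumption for this example, not a real server's):
#   <client-ip> <method> <path> <status> "<Content-Type request header>"
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3}) "(?P<ctype>[^"]*)"$'
)

# A legitimate Content-Type is a media type such as multipart/form-data.
# CVE-2017-5638 probes instead carry an OGNL expression; %{ or ${ and the
# OGNL context names are the giveaway.
OGNL_MARKER = re.compile(r"[%$]\{|#_memberAccess|@ognl\.OgnlContext", re.IGNORECASE)


def content_type_is_ognl(ctype: str) -> bool:
    """Decode up to two layers of URL-encoding, then look for OGNL markers.

    unquote() leaves '%{' alone (not a valid escape) but turns '%25%7B' into
    '%{', so encoded probes are caught as well as raw ones.
    """
    decoded = unquote(unquote(ctype))
    return bool(OGNL_MARKER.search(decoded))


def flag_struts_ognl_probes(log_text: str) -> list:
    """Return (client_ip, path) for every request whose Content-Type looks
    like an OGNL injection attempt. Lines that do not match the format are
    skipped rather than raising."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if m and content_type_is_ognl(m["ctype"]):
            hits.append((m["ip"], m["path"]))
    return hits


# Constructed sample log. The probe header is a harmless placeholder that
# only evaluates 7*191; it is not a working exploit payload.
SAMPLE_LOG = """\
203.0.113.5 POST /upload.action 200 "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxk"
203.0.113.7 GET /struts2-showcase/index.action 200 "%{(#_='multipart/form-data').(#probe=7*191)}"
198.51.100.9 POST / 500 "%25%7B(%23_%3D'multipart/form-data').(%23probe%3D7*191)%7D"
192.0.2.44 GET /index.action 200 "application/x-www-form-urlencoded"
this line is malformed and must be skipped
"""

if __name__ == "__main__":
    for ver in ("2.3.31", "2.3.32", "2.5.10", "2.5.10.1"):
        print(f"Struts {ver}: {'VULNERABLE' if is_vulnerable_struts(ver) else 'fixed'}")
    for ip, path in flag_struts_ognl_probes(SAMPLE_LOG):
        print(f"OGNL probe from {ip} against {path}")
```

The version check is the inventory side of the ESET and ZDNet findings: run it over whatever your software composition analysis reports for `struts2-core`. The log check is deliberately loose (any OGNL marker in a header that should only ever hold a media type) because, as Bruneau observed, the scans vary in payload but not in that fingerprint; the double `unquote` is there because a single layer of encoding would otherwise slip past a naive `%{` match.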
SecurityWeek 2018-03-23 12:42:03 Pwner of a Lonely Heart: The Sad Reality of Romance Scams (direct link) Valentine's Day is a special holiday, but for victims of romance scams it is a tragic reminder, not only of love lost, but financial loss as well. According to the FBI Internet Crime Complaint Center (IC3), romance scams accounted for $230 million in losses in 2016. Men and women may jokingly refer to their significant other as their “partner in crime,” but when it comes to romance scams, this joke may become a sad reality. In addition to financial losses, many scammers may convince their victims to become money mules or shipping mules, directly implicating them in illegal behavior. Recently, Agari researchers identified a woman in Los Angeles who has sent nearly half a million dollars to a scammer that she has never even met. Even worse, this woman knowingly cashes bad checks and fake money orders on his behalf. The FBI has warned her to stop, yet it is unlikely she will do so. The victims of romance scams are typically women in their 40s to 50s, usually divorced or widowed and looking for a new relationship. They are targeted by scam artists on dating web sites, who have the ability to refine their searches for women that fit their target demographics. The scam artists create profiles of charming and successful men to engage these lonesome women. Dating sites frequently ask what women are looking for in a partner, so it is easy for the scammer to say exactly what they need to seem like “Mr. Right.” Once these scammers engage with their victims, there are an inevitable variety of excuses why they can't meet – claims of overseas military service or mission trips are common, and help to further cement the supposed righteousness of the scammer. After a few months of correspondence, the scammer will claim a supposed tragedy: a lost paycheck or medical fees are common – and request a small loan. The typical loss in these scams is $14,000, not to mention the considerable psychological damage – victims of romance scams frequently withdraw from their social circles, embarrassed by the stigma. Even worse, as in the case of our anonymous victim, some of these scams can continue on for years, with frequent requests for financial support. Once trust is established with their victims, these scammers may also begin to use them as “mules” to cash fake checks, make deposits, accept shipment of stolen goods, and more. In the case of our anonymous victim, her family has pleaded with her to stop sending her suitor more money, and the FBI has warned her that her behavior is illegal; and yet she persists. Guideline Equifax Yahoo
Chercheur 2018-03-22 14:08:04 Survey: Americans Spent $1.4B on Credit Freeze Fees in Wake of Equifax Breach (direct link) Almost 20 percent of Americans froze their credit file with one or more of the big three credit bureaus in the wake of last year's data breach at Equifax, costing consumers an estimated $1.4 billion, according to a new study. The findings come as lawmakers in Congress are debating legislation that would make credit freezes free in every state. The figures, commissioned by small business loan provider Fundera and conducted by Wakefield Research, surveyed some 1,000 adults in the U.S. Respondents were asked to self-report how much they spent on the freezes; 32 percent said the freezes cost them $10 or less, but 38 percent said the total cost was $30 or more. The average cost to consumers who froze their credit after the Equifax breach was $23. A credit freeze blocks potential creditors from being able to view or "pull" your credit file, making it far more difficult for identity thieves to apply for new lines of credit in your name. Equifax
SecurityWeek 2018-03-21 01:24:01 (Déjà vu) AMD Says Patches Coming Soon for Chip Vulnerabilities (direct link) AMD Chip Vulnerabilities to be Addressed Through BIOS Updates - No Performance Impact Expected. After investigating recent claims from a security firm that its processors are affected by more than a dozen serious vulnerabilities, chipmaker Advanced Micro Devices (AMD) on Tuesday said patches are coming to address several security flaws in its chips. In its first public update after the surprise disclosure of the vulnerabilities by Israel-based security firm CTS Labs, AMD said the issues are associated with the firmware managing the embedded security control processor in some of its products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors. CTS Labs, which was unheard of until last week, came under fire shortly after its disclosure for giving AMD only a 24-hour notice before going public with its findings, and for apparently attempting to short AMD stock. The company later made some clarifications regarding the flaws and its disclosure method. CTS Labs claimed that a number of vulnerabilities could be exploited for arbitrary code execution, bypassing security features, stealing data, helping malware become resilient against security products, and damaging hardware. “AMD has rapidly completed its assessment and is in the process of developing and staging the deployment of mitigations,” the chipmaker wrote in an update on Tuesday. “It's important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings.” AMD said that patches will be released through BIOS updates to address the flaws, which have been dubbed MASTERKEY, RYZENFALL, FALLOUT and CHIMERA. The company said that no performance impact is expected for any of the forthcoming mitigations. AMD attempte Guideline Equifax
SecurityWeek 2018-03-20 20:26:04 Virsec Raises $24 Million in Series B Funding (direct link) Virsec, a cybersecurity company that protects applications from various attacks, today announced that it has closed a $24 million Series B funding round led by tech investment firm BlueIO. This latest funding round brings the total amount raised to date by the company to $32 million. The company previously raised $1 million in seed funding and $7 million in a Series A funding round. Virsec explains that its technology can protect applications by protecting processes in memory and pinpointing attacks in real-time, within any application. In more detail, the company explains that its Trusted Execution technology “maps acceptable application execution, and instantly detects deviations caused by attacks.” “The battleground has shifted in cybersecurity and the industry is not keeping up,” said Atiq Raza, CEO of San Jose, California-based Virsec. “With our deep understanding of process memory, control flow, and application context, we have developed a revolutionary solution that stops attacks in their tracks, where businesses are most vulnerable – within applications and processes.” Additional investors participating in the round include Artiman Ventures, Amity Ventures, Raj Singh, and Boston Seed Capital. Guideline Equifax
AlienVault 2018-03-20 19:50:00 Cambridge Analytica Debacle - The Definition Of Breach (direct link) Pretty much the motto of my profession is “word choice matters.” I say it a lot. It appears somewhere in the marginalia of pretty much everything I’ve ever edited. Words have denotation, and connotation. There are considerations for dialect, and for popular use. It can be fiddly and annoying to be queried so; I get it. You know what you meant, and you grabbed the word in your head that, to you, meant that thing. One of the glories of having your work edited is that someone who isn’t you can hold up a mirror, to make sure that the word on the page means as close as possible to what you meant in your head, to the greatest number of people, no matter where they’re from or what language they natively speak. Here at AlienVault, we’ve had some great discussions about the differences in connotation in different words between our Irish speakers, who learned Hiberno-English (which gets the hyphen when none of the others do), Chinese speakers, who learned British English, and Americans, who learned American English with intense regional dialect (the Texans and the Californians are occasionally mutually unintelligible). But there’s one thing that none of us tolerate: the choosing of a word to deliberately mislead. When one works in fiction, one is used to the painting of pictures with words. When one chooses to work primarily in technology, it’s often because you’re way more comfortable with the nicely concrete, if entirely mutable. In technology, a thing is, or it is not. It’s variations on a theme of zeros and ones, no matter whether it’s software or hardware. It is therefore maddening beyond belief when the unambiguous words of technology are used to mislead the non-technical public. I’m of course talking about the Cambridge Analytica debacle, which is being referred to across the media landscape as “a data breach.” A data breach is when someone who is not authorized to handle specific information obtains access to that information. It’s a non-trivial failure of the security measures a responsible company or reasonable individuals would have in place. It implies wrongdoing, it implies malice, it implies a victim/attacker relationship. But when data is harvested and used with the unknowing opt-in of thousands of people, that’s not a breach. There are no hackers here; just people who knew how to use freely-given personal data to manipulate not very technically astute people to some political end. Lorenzo Franceschi-Bicchierai, as usual, gets it: We’ve been regularly covering data breaches for years. No one hacked into Facebook’s servers exploiting a bug, like hackers did when they stole the personal data of more than 140 million people from Equifax. No one tricked Facebook users into giving away their passwords and then stole their data, like Russian hackers did when they broke into the email accounts of John Podesta and others through phishing emails. Facebook obviously doesn't want the public to think it suffered a ma Guideline Equifax Yahoo
AlienVault 2018-03-16 13:00:00 Things I hearted this week 16th March 2018 (direct link) Last weekend, my daughter and I finally got around to watching Wonder Woman. We quite enjoyed it. There was a part in which Chris Pine’s character said, “My father told me once, he said, 'If you see something wrong happening in the world, you can either do nothing, or you can do something'. And I already tried nothing.” So, I turned to my daughter and asked, "When you're older will you say awesome quotes and attribute them to your dad so I'll appear all knowing and wise?" She replied, "Yeah, I'll say 'my father told me if you see something wrong you can either do nothing, or send memes'". Not sure if that means I’ve succeeded as a Dad or failed miserably. Hopefully she’ll come across one of these posts in the future and realise there was more to me than just memes. Operation Bayonet: This article gives a fascinating insight into how law enforcement infiltrated and took down a drug market. As reports of these kinds of operations become available, Hollywood should really be looking to these for inspiration. Far better plots than most fiction! Operation Bayonet: Inside the sting that hijacked an entire dark web drug market | Wired. How many devices are misconfigured… or not configured? I saw this blog that Anton Chuvakin posted over at Gartner stating that there’s a lot of security technology which is deployed yet misconfigured, not configured optimally, set to default, or deployed broken in other ways. Broadly speaking, I agree; in the race to get things done, assurance often takes a back seat. But there’s no obvious answer. Testing takes time and expertise. Unless it’s automated. But even then someone needs to look at the results and get things fixed. DevSecOps maybe? How Much of Your Security Gear Is Misconfigured or Not Configured? | Gartner. Hacking encrypted phones: Encrypted phone company Ciphr claims it was hacked by a rival company. A preview into how vicious digital rivals can get. And regardless of who is to blame, the fact remains that the real victims here are the users. Customer Data From Encrypted Phone Company Ciphr Has Been Dumped Online | Motherboard. Hidden Cobra on Turkish Banks: Bankshot implants are distributed from a domain with a name similar to that of the cryptocurrency-lending platform Falcon Coin, but the similarly named domain is not associated with the legitimate entity. The malicious domain falcancoin.io was created December 27, 2017, and was updated on February 19, only a few days before the implants began to appear. These implants are variations of earlier forms of Bankshot, a remote access tool that gives an attacker full capability on a victim’s system. This implant also contains functionality to wipe files and content from the targeted system to erase evidence or perform other destructive actions. Bankshot was first reported by the Department of Homeland Security on December 13, 2017, and has only recently resurfaced in newly compiled variants. The sample we analyzed is 99% similar to the documented Bankshot variants from 2017. Medical Equifax APT 38
SecurityWeek.webp 2018-03-15 01:38:04 Palo Alto Networks to Acquire CIA-Backed Cloud Security Firm Evident.io for $300 Million (lien direct) Network security firm Palo Alto Networks (NYSE: PANW) on Wednesday said that it has agreed to acquire cloud security and compliance firm Evident.io for $300 million in cash. Palo Alto Networks currently has several security offerings that cater to cloud environments, including its VM-Series virtualized next-generation firewalls, API-based security for public cloud services infrastructure, and Traps for host-based security. Pleasanton, Calif.-based Evident.io's flagship Evident Security Platform (ESP) helps customers reduce cloud security risk by minimizing the attack surface and improving overall security posture. ESP can continuously monitor AWS and Microsoft Azure deployments, identify and assess security risks, provide security teams with remediation guidance, along with providing security auditing and compliance reporting by analyzing configurations of services and account settings against security and compliance controls. “Once integrated with the Palo Alto Networks cloud security offering, customers will be able to use a single approach to continuous monitoring, comprehensive storage security, and compliance validation and reporting,” explained Tim Prendergast, CEO & Co-Founder of Evident.io. Evident.io is backed by Bain Capital Ventures, True Ventures, Venrock, Google Ventures, and In-Q-Tel, the not-for-profit venture capital arm of the CIA. The acquisition is expected to close during Palo Alto Networks' fiscal third quarter, subject to satisfaction of customary closing conditions. Evident.io's co-founders, Tim Prendergast and Justin Lundy, will join Palo Alto Networks. Guideline Equifax
grahamcluley.webp 2018-03-14 17:16:03 (Déjà vu) Ex-Equifax exec charged with insider trading after selling $1 million worth of stock before data breach disclosure (lien direct) A former Equifax executive, who sold nearly $1 million worth of shares before the company's massive data breach was made public, has been charged with insider trading. Equifax
ZDNet.webp 2018-03-14 15:49:00 Former Equifax executive charged with insider trading after data breach (lien direct) The SEC accuses the former executive of dumping stock before Equifax made the breach public. Equifax
SecurityWeek.webp 2018-03-14 15:17:04 Former Equifax CIO Charged With Insider Trading (lien direct) The United States Securities and Exchange Commission (SEC) said it has charged Jun Ying, former chief information officer (CIO) of a business unit of Equifax, with insider trading in connection with the massive data breach disclosed in late 2017 that put millions of customers at risk. The SEC alleges that before Equifax's public disclosure of the breach in September 2017, Ying exercised all of his vested Equifax stock options and then sold the shares, taking proceeds of roughly $1 million.   By selling his shares before public disclosure of the data breach, Ying avoided more than $117,000 in losses, the SEC says. According to the SEC's complaint, Jun Ying, who reportedly was next in line to be the company's global CIO, allegedly used confidential information provided to him by the company to conclude that Equifax had suffered a serious breach that exposed sensitive personal information of more than 148 million U.S. customers. The Atlanta-based company has been under fire for not explaining why it waited more than a month to warn affected customers about a risk of identity theft and fraud. Questions were also raised after four Equifax executives sold stock worth $1.8 million just prior to public disclosure of the hack. Equifax claimed that the execs had been unaware of the breach when they sold shares. “As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC's Atlanta Regional Office.  
“Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.” Ying has been charged with violating the antifraud provisions of the federal securities laws, and the SEC seeks repayment of ill-gotten gains plus interest, penalties, and injunctive relief. “Upon learning about Mr. Ying's August sale of Equifax shares, we launched a re Guideline Equifax
DarkReading.webp 2018-03-14 11:50:00 SEC Charges Former Equifax Exec with Insider Trading (lien direct) CIO of a US business unit within Equifax had reportedly learned of the company's data breach and sold his shares for nearly $1 million. Equifax
SecurityWeek.webp 2018-03-13 15:50:02 (Déjà vu) Usual Threats, But More Sophisticated and Faster: Report (lien direct) Almost Every Type of Cyber Attack is Increasing in Both Volume and Sophistication. Eight new malware samples were recorded every second during the final three months of 2017. The use of fileless attacks, primarily via PowerShell, grew; and there was a surge in cryptocurrency hijacking malware. These were the primary threats outlined in the latest McAfee Labs Threats Report (PDF) covering Q4 2017. The growth of cryptomining malware coincided with the surge in Bitcoin value, which peaked at just under $20,000 on Dec. 22. With the cost of dedicated mining hardware at upwards of $5,000 per machine, criminals chose to steal users' CPU time via malware. It demonstrates how criminals always follow the money, and choose the least expensive method of acquiring it with the greatest chance of avoiding detection. Since December, Bitcoin's value has fallen to $9,000 (at the time of publishing). Criminals' focus on Bitcoin is likewise being modified, with Ethereum and Monero becoming popular. Last week, Microsoft discovered a major campaign focused on stealing Electroneum. "We currently see discussions in underground forums that suggest moving from Bitcoin to Litecoin because the latter is a safer model with less chance of exposure," comments Raj Samani, chief scientist and McAfee fellow with the Advanced Threat Research Team. The speed with which criminals adapt to their latest market conditions is also seen in the way they maximize their asymmetric advantage. "Adversaries," writes Samani, "have the luxury of access to research done by the technical community, and can download and use open-source tools to support their campaigns, while the defenders' level of insight into cybercriminal activities is considerably more limited, and identifying evolving tactics often must take place after malicious campaigns have begun."
Examples of attackers making use of legitimate research include Fancy Bear (APT28) leveraging a Microsoft Office Dynamic Data Exchange technique in November 2017 that had been made public just a few we NotPetya Equifax APT 28
Chercheur.webp 2018-03-11 18:51:00 Checked Your Credit Since the Equifax Hack? (lien direct) A recent consumer survey suggests that half of all Americans still haven't checked their credit report since the Equifax breach last year exposed the Social Security numbers, dates of birth, addresses and other personal information on nearly 150 million people. If you're in that fifty percent, please make an effort to remedy that soon. Credit reports from the three major bureaus -- Equifax, Experian and Trans Union -- can be obtained online for free at annualcreditreport.com -- the only Web site mandated by Congress to serve each American a free credit report every year. Equifax
Chercheur.webp 2018-03-06 21:24:01 What Is Your Bank\'s Security Banking On? (lien direct) A large number of banks, credit unions and other financial institutions just pushed customers onto new e-banking platforms that asked them to reset their account passwords by entering a username plus some other static identifier -- such as the first six digits of their Social Security number, or a mix of partial SSN, date of birth or surname. Here's a closer look at what may be going on (spoiler: small, regional banks and credit unions have grown far too reliant on the whims of just a few major online banking platform providers). You might think it odd that any self-respecting financial institution would seek to authenticate customers via static data like partial SSN for passwords, and you'd be justified for thinking that, too. Nobody has any business using these static identifiers for authentication because it's all for sale on most Americans quite easily and cheaply in the cybercrime underground. The Equifax breach might have "refreshed" some of those data stores for identity thieves, but most U.S. adults have had their static details on sale for years now. On Feb. 16, KrebsOnSecurity reader Brent Hoeft shared a copy of an email he'd just received from his financial institution Associated Bank, which at $30+ billion in assets happens to be Wisconsin's largest by asset size. Equifax
no_ico.webp 2018-03-05 15:30:02 Expanded Equifax Breach (lien direct) The ISBuzz Post: This Post Expanded Equifax Breach Equifax
Kaspersky.webp 2018-03-02 20:12:05 Equifax Adds 2.4 Million More People to List of Those Impacted By 2017 Breach (lien direct) Equifax said that an additional 2.4 million Americans have been impacted by a 2017 data breach, bringing the total of those implicated to around 148 million people. Equifax
AlienVault.webp 2018-03-02 14:00:00 Things I Hearted this Week 2nd March 2018 (lien direct) This week London has been in the midst of snowmageddon! An inch of snow ground the city to a halt with schools closed and the capital on red alert. Fortunately, one of the perks of working from home is that I get to stay on top of the security news regardless of the weather, so put on your snow boots and jump right in. Trading stocks in the wake of breaches The US Securities and Exchange Commission (SEC) has warned high-ranking executives not to trade stocks before disclosing breaches, major vulnerabilities and other cybersecurity related incidents. SEC statement on public company cybersecurity disclosure (PDF) | SEC After Intel & Equifax Incidents, SEC Warns Execs Not to Trade Stock While Investigating Security Incidents | Bleeping Computer Tracking your sold hardware Many devices now come with tracking features to help you find them if they get lost or stolen. It started predominantly with phones, but now is in most laptops, desktops, and plenty of smart devices. The trouble is that location tracking isn’t something we intuitively ask about when buying or selling an item. We just assume that the seller has disabled it, or it wasn’t enabled in the first place. Will we get to a point where before buying a smart teddy, a kid will ask if it’s been factory-wiped and all credentials removed? How I sold an old Mac and unknowingly had access to its location for over 3 years | Brenden Mulligan / Medium Cover your own assets John Carroll wrote an interesting blog post on influencing business layers that might not get infosec. Cover your own ass(ets) | CTU Security Cybersecurity Style Guide How many times have you wished you had a cybersecurity style guide to help you understand how to pronounce security phrases, or write a word, or the definitive meaning of a term? Well, your wishes have all been answered as Bishop Fox has created a style guide for you.
Web Semantics: The Bishop Fox Cybersecurity Style Guide | Wired Download the Bishop Fox Cybersecurity Style Guide (PDF) | Bishop Fox Revenge Hacking Well, at least the motive was easy to establish. Man admits hacking former employer’s computer system for revenge | Hackread Teach a man to Phis Equifax
SecurityAffairs.webp 2018-03-02 13:25:05 Equifax confirmed additional 2.4 Million identities affected by security breach (lien direct) The results of the forensic investigation on the massive Equifax hack revealed an additional 2.4 Million identities were involved in the security incident. The massive Equifax hack made the headlines again; new revelations about the security breach emerged in the last hours. The credit bureau company announced this week it identified an additional 2.4 million American consumers affected by […] Equifax
SecurityWeek.webp 2018-03-02 03:26:02 Equifax Identifies 2.4 Million More Affected by Massive Hack (lien direct) US credit bureau Equifax said Thursday it identified an additional 2.4 million American consumers affected by last year's massive data breach that sparked a public outcry and a congressional probe. Equifax
Blog.webp 2018-03-02 01:40:00 Equifax finds 2.5 Million more Victims of Hack (lien direct) Equifax on Thursday disclosed that 2.4 million additional customers had information stolen in a 2017 cyber attack. The company said it overlooked the victims in prior forensic analysis of the incident. The credit rating agency Equifax said on Thursday that it has identified 2.5 million additional victims of a months long hack it first disclosed... Equifax
ZDNet.webp 2018-03-01 16:35:00 Equifax says millions more Americans affected by hack than first thought (lien direct) An additional 2.4 million Americans have been identified as victims of the company's 2017 breach. Equifax
Last update at: 2024-05-12 12:07:58