What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-10-13 12:44:08 | Data Sample in Equifax Hack Scam Possibly From Third-Party Servers (lien direct) | A data sample provided last month by scammers trying to make a profit by claiming to have breached U.S. credit reporting agency Equifax may have been obtained from unprotected Amazon Web Services (AWS) instances owned by a different company. | Equifax | ||
 |
2017-10-13 11:22:22 | (Déjà vu) Equifax hacked again (lien direct) | >Equifax has had its contract with the Internal Revenue Service (IRS) temporarily suspended after the credit reporting company had its website compromised again. View Full Story ORIGINAL SOURCE: IB Times | Equifax | ★★★★★ | |
 |
2017-10-13 08:07:44 | Equifax insists web portal has not been compromised (lien direct) | The credit rating agency has pushed back on claims of a second cyberattack. | Equifax | ||
|
2017-10-13 07:36:21 | Malicious Redirects on Equifax, TransUnion Sites Caused by Third-Party Script (lien direct) | Two of the “Big Three†U.S. credit reporting agencies, Equifax and TransUnion, were hit by a cybersecurity incident caused by the use of a third-party web analytics script. | Equifax | ||
 |
2017-10-13 07:29:08 | PODCAST: Core Security makes the case for penetration testing as an essential layer of defending networks (lien direct) | By Byron V. Acohido The Equifax debacle has a lot to teach us about how – and how not to – handle a data breach. The massive breach resulted in hackers accessing the social security numbers, birth dates, home addresses and driving license numbers for up to 143 million Americans and the credit card numbers […] | Equifax | ||
 |
2017-10-12 21:42:28 | Malvertising on Equifax, TransUnion tied to third party script (lien direct) |
Equifax's website is once again infected, this time with malvertising that redirects to a fake Flash player. Further investigation reveals TransUnion was also targeted.
Categories:
Malware
Threat analysis
Tags: EquifaxFlash PlayermalvertisingTransunion
(Read more...)
|
Equifax | ||
 |
2017-10-12 21:03:46 | Equifax Credit Assistance Site Served Spyware (lien direct) | Big-three consumer credit bureau Equifax says it has removed third-party code from its credit report assistance Web site that prompted visitors to download malicious software disguised as an update for Adobe's Flash Player software. | Equifax | ||
 |
2017-10-12 19:55:42 | Equifax website redirected visitors to fake Flash update, it\'s malvertising (lien direct) | Equifax service set up for obtaining free and discounted credit reports had been redirecting users to websites offering a fake Flash Player installer. The independent security analyst Randy Abrams discovered an Equifax service set up for obtaining free and discounted credit reports had been redirecting users to websites offering a fake Flash Player installer. “As I […] | Equifax | ||
 |
2017-10-12 16:32:54 | Equifax Takes Down Compromised Page Redirecting to Adware Download (lien direct) | Equifax has temporarily taken down one of its consumer-facing credit report services after the webpage was compromised and serving adware via a phony Flash Player download. | Equifax | ||
|
2017-10-12 16:00:27 | Labs report: summer ushers in unprecedented season of breaches (lien direct) |
In this edition of the Malwarebytes Cybercrime Tactics and Techniques report, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. We also observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams.
Categories:
Malwarebytes news
Tags: 3rd quarterandroid malwareastrumbreachcerbercybercrimecybercrime tactics and techniquesemotetEquifaxexploit kitfrancophonefruitflyglobeimposterLockymac malwaremalicious spammalspamMalwarebytesmalwarebytes labsnational health serviceNHSoceanlotusq3 2017reportRIGsmartscreensonictech support scamstrickbottrojan.clicker.hyjwhole foods
(Read more...)
|
Equifax APT 32 | ||
|
2017-10-12 15:41:06 | Equifax Website Redirects Users to Adware, Scams (lien direct) | A security researcher noticed recently that an Equifax service designed for obtaining free and discounted credit reports had been redirecting users to websites set up to serve adware and scams. | Equifax | ||
 |
2017-10-12 14:24:00 | Equifax Now Faces Potential Breach of Customer Help Page (lien direct) | Embattled credit-monitoring company takes down help page that reportedly redirects users to download a bogus software update. | Equifax | ||
 |
2017-10-11 17:04:22 | Equifax: Umm, actually hackers stole records of 15.2 million Brits, not 400,000 (lien direct) |  Equifax has confirmed that a recent data breach exposed a file containing 15.2 million UK personal information records.
|
Equifax | ||
|
2017-10-11 14:24:23 | (Déjà vu) 700,000 Britons affected by Equifax breach (lien direct) | >Equifax has revealed that almost 700,000 UK customers have had their data hacked following on from the major cyber-attack. View Full Story ORIGINAL SOURCE: Guardian | Equifax | ★★ | |
|
2017-10-10 22:14:24 | Nearly 700,000 UK Nationals Affected by Equifax Breach: Company (lien direct) | Nearly 700,000 British consumers may have had personal data compromised in the massive breach at Equifax, the US credit reporting agency said Tuesday. "Although our UK business was not breached, the attack regrettably compromised the personal information of a range of UK consumers," the company said in an emailed statement. | Equifax | ||
|
2017-10-10 22:00:01 | Equifax Hackers Stole Info on 693,665 UK Residents (lien direct) | Equifax Inc. said today an investigation into information stolen in the epic data breach the company disclosed on Sept. 7 revealed that intruders took a file containing 15.2 million UK records. The company says it is now working to inform nearly 700,000 U.K. consumers whose data was stolen in the attack. | Equifax | ||
 |
2017-10-10 19:05:26 | Equifax Issues Second Breach Estimate Correction, Says 15.2M British Affected (lien direct) | For the second time since it fessed up to suffering a data breach last month, Equifax has issued a correction, acknowledging today in a press release that hackers stole details on over 15.2 million UK citizens. [...] | Equifax | ||
 |
2017-10-10 18:45:21 | Equifax data hack affected 694,000 UK customers (lien direct) | The credit reference agency now admits that this year's huge data hack exposed some customers to "possible criminal activity". | Equifax | ||
|
2017-10-10 17:48:00 | Equifax says 693,000 UK residents affected by hack (lien direct) | The company initially said 400,000 UK residents were at risk. | Equifax | ||
|
2017-10-10 15:40:00 | Equifax: 12.5 Million UK Client Records Exposed in Breach (lien direct) | But of that data, it affects 700K of British consumers, credit-monitoring company said today. | Equifax | ||
 |
2017-10-09 08:26:30 | Disqus Demonstrates How to Do Breach Disclosure Right (lien direct) | Presently sponsored by: Matchlight by Terbium Labs: Know when your exact data appears on the dark web. Contact us for a demo today.We all jumped on "the Equifax dumpster fire bandwagon" recently and pointed to all the things that went fundamentally wrong with their disclosure process. But it's equally important that we acknowledge exemplary handling of data breaches when they occur because that's behaviour that should be encouraged. Last week,... | Equifax | ||
|
2017-10-08 18:56:50 | Equifax Breach Fallout: Your Salary History (lien direct) | In May, KrebsOnSecurity broke a story about lax security at a payroll division of big-three credit bureau Equifax that let identity thieves access personal and financial data on an unknown number of Americans. Incredibly, this same division makes it simple to access detailed salary and employment history on a large portion of Americans using little more than someone's Social Security number and date of birth -- both data elements that were stolen in the recent breach at Equifax. | Equifax | ||
|
2017-10-06 14:19:14 | Major breaches make you wonder if your information will ever be safe (lien direct) | Equifax, Sonic, CeX, Zomato – S0me of the largest data breaches have happened in 2017 and have been on a scale not seen before. This has got people asking the question: Is our data ever safe? View Full Story ORIGINAL SOURCE: Washington Post | Equifax | ||
|
2017-10-06 13:34:01 | Kaspersky Lab CEO says company may be hacking victim (lien direct) | CEO Eugene Kaspersky likened a Wall Street Journal report on his company’s software being used to hack an NSA contractor to “the script of a C movie” and said his company was in the middle of a geopolitical dispute. The CEO of Russian antivirus firm Kaspersky Lab* hit back at a report in the Wall Street Journal on Thursday...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/465978246/0/thesecurityledger -->»Related StoriesFacebook: Russia’s Hand in Disinformation Campaign That Reached MillionsInside the Equifax Hack, Facebook’s Problem with Authoritarianism & ASPertise harnesses Asperger’s Syndrome to solve Cyber Security ProblemsInside the Equifax Hack, Facebook’s Problem with Authoritarianism & ASPertise harnesses Asperger’s Syndrome to solve Cyber Security Problems - Enclosure | Equifax | ||
 |
2017-10-05 18:11:01 | Equifax Hack Blamed On Single Employee (lien direct) |  We wrote about the Equifax Hack, Data Breach and Leak last month, which happened due to a flaw in Apache Struts that for some reason hadn't been patched.
Now it seems the CEO Rick Smith is basically placing the blame on a single employee that failed to pass a message on to the right people, rather than taking responsibility for an organisational failure. It's also interesting there was a scheduled security scan not long after the flaw was disclosed and it wasn't detected.
Read the rest of Equifax Hack Blamed On Single Employee now! Only available at Darknet.
|
Equifax | ||
|
2017-10-05 14:48:47 | How Secure Are We? Preventing a Breach when Everything is Breachable (lien direct) | The recent | Equifax | ||
|
2017-10-04 17:00:00 | Yahoo, Equifax Serve as Cautionary Tales in Discerning Data Breach Scope (lien direct) | Both companies this week revealed that their previously disclosed breaches impacted a lot more people than previously thought. | Equifax Yahoo | ||
 |
2017-10-04 14:00:06 | Equifax security – Today\'s Testimony Before US House Subcommittee (lien direct) | The ISBuzz Post: This Post Equifax security – Today’s Testimony Before US House Subcommittee | Equifax | ||
|
2017-10-04 13:47:41 | Equifax ex-CEO: Hacked data wasn\'t encrypted (lien direct) | The customer data hacked by the cyber attackers during the Equifax data breach was not encrypted. View Full Story ORIGINAL SOURCE: CBS News | Equifax | ★★★★ | |
|
2017-10-04 04:34:50 | Fear Not: You, Too, Are a Cybercrime Victim! (lien direct) | Maybe you've been feeling left out because you weren't among the lucky few hundred million or billion who had their personal information stolen in either the Equifax or Yahoo! breaches. Well buck up, camper: Both companies took steps to make you feel better today. Yahoo! announced that, our bad!: It wasn't just one billion users who had their account information filched in its record-breaking 2013 data breach. It was more like three billion (read: all) users. Meanwhile, big three credit bureau Equifax added 2.5 million more victims to its roster of 143 million Americans who had their Social Security numbers and other personal data filched in a breach earlier this year. At the same time, Equifax's erstwhile CEO informed Congress that the breach was the result of even more bone-headed security than was first disclosed. To those still feeling left out by either company after this spate of news, I have only one thing to say (although I feel a bit like a broken record in repeating this): Assume you're compromised, and take steps accordingly. | Equifax Yahoo | ||
|
2017-10-03 19:27:08 | Equifax Says 145.5M Affected by Breach, Ex-CEO Testifies (lien direct) | The credit bureau Equifax said Monday the information of 145.5M Americans, was implicated in this summer's breach. | Equifax | ||
|
2017-10-03 13:24:00 | Equifax ex-chief admits responsibility \'starts at the top\' for devastating data breach (lien direct) | Former Equifax CEO Richard Smith says the data breach shouldn't have happened on his watch. | Equifax | ||
|
2017-10-03 12:57:15 | Equifax hack affected 145.5 million individuals, 2.5M more than originally stated (lien direct) | Equifax data breach may affect 2.5 million more customers than originally stated, the overall number of exposed individuals reached 145.5 million. Earlier this week, Equifax announced that additional 2.5 million U.S. consumers were exposed as a result of the massive data breach that affected the company in September. The credit reporting agency confirmed that a total of […] | Equifax | ||
 |
2017-10-03 03:57:55 | Equifax breach bigger than first reported (lien direct) | Credit rating firm says up to 145.5 million consumers may have been affected by cyber breach earlier this year | Equifax | ||
 |
2017-10-03 01:23:36 | Whoops, Turns Out 2.5 Million More Americans Were Affected By Equifax Breach (lien direct) | Equifax data breach was bigger than initially reported, exposing highly sensitive information of more Americans than previously revealed.
Credit rating agency Equifax says an additional 2.5 million U.S. consumers were also impacted by the massive data breach the company disclosed last month, bringing the total possible victims to 145.5 million from 143 million.
Equifax last month announced
|
Equifax | ||
|
2017-10-02 22:04:35 | Equifax raises the impact of US data breach (lien direct) | The credit report giant now estimates an extra 2.5 million US customers may have been affected. | Equifax | ||
|
2017-10-02 21:16:53 | Equifax Breach Bigger Than Initially Reported (lien direct) | Number of U.S. Consumers Exposed by Equifax Breach Increased by 2.5 Million | Equifax | ||
|
2017-10-02 21:12:43 | Hacker Eye on the Consultant Guy: Deloitte and the Art of spotting Vulnerable Firms from the Outside (lien direct) | In the latest Security Ledger podcast, we analyze the breach of Deloitte by talking to two people who spend a lot of time judging the security of firms by how they look to the outside world. Dan Tentler of the firm Phobos Group tells us what he found out about Deloitte doing some fast and dirty open source research. Also: we talk to Stephen...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/463606098/0/thesecurityledger -->»
Related StoriesHacker Eye on the Consultant Guy: Deloitte and the Art of spotting Vulnerable Firms from the Outside - EnclosureAfter Equifax: What Makes a Good CSO? Also: App Sec is a Mess. We Talk about Why.After Equifax: What Makes a Good CSO? Also: App Sec is a Mess. We Talk about Why. - Enclosure
|
Equifax Deloitte | ||
|
2017-10-02 19:41:28 | Equifax Warned About Vulnerability, Didn\'t Patch It: Ex-CEO (lien direct) | The security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw, opening up the credit agency to a breach affecting 143 million people, the former chief executive said Monday. | Equifax | ||
|
2017-10-02 19:30:01 | Study concludes an Additional 2.5 Million Americans Affected by Equifax Breach (lien direct) | According to a press release issued by Equifax today, a study conducted by Mandiant concluded that approximately 2.5 million additional Americans were affected by Equifax security breach. [...] | Equifax | ★★★★★ | |
|
2017-10-02 17:49:11 | ROUNDTABLE: The implications of Deloitte data breach, especially following hacks of Equifax, SEC (lien direct) | By Byron V. Acohido The astonishing rash of disclosures of data breaches at top-tier organizations continues. Big Four accounting firm Deloitte has joined Equifax and the U.S. Securities and Exchange Commission in going public about a catastrophic loss of sensitive data. Ironically, Deloitte a few years ago branched from its core auditing and tax services […] | Equifax Deloitte | ||
|
2017-10-02 17:20:00 | Equifax: Number of US Breach Victims Rises to 145.5 Million (lien direct) | Credit bureau provides update on its breach investigation. | Equifax | ||
 |
2017-10-02 10:51:19 | NBlog October 2 - a 2-phase approach to bolster the security culture (lien direct) |  We've just updated the NoticeBored website to describe the new awareness module on security culture and delivered the latest batch of security awareness materials to subscribers. Culture is a nebulous, hand-waving concept, hard to pin down and yet an important, far-reaching factor in any organization. The new module (the 63rd topic in our bulging security awareness portfolio) is essentially a recruitment drive, aimed at persuading workers to join and become integral parts of the Information Security function. The basic idea is straightforward in theory but in practice it is a challenge to get people to sit up and take notice, then to change their attitudes and behaviors. During September, we developed a two-phased approach:Strong leadership is critically important which means first convincing management (all the way up to the exec team and Board) that they are the lynch-pins. In setting the tone at the top, the way managers treat information risk, security, privacy, compliance and related issues has a marked effect on the entire organization. Their leverage is enormous, with the potential to enable or undermine the entire approach, as illustrated by the Enron, Sony and Equifax incidents.With management support in the bag, the next task is to persuade workers in general to participate actively in the organization's information security arrangements. Aside from directly appealing to staff on a personal level, we enlist the help of professionals and specialists since they too are a powerful influence on the organization - including management. October's awareness materials follow hot on the heels of the revised Information Security 101 module delivered in September. That set the scene, positioning information security as an essential part of modern business. Future modules will expand on different aspects, each one reinforcing the fundamentals ... which is part of the process of enhancing the security cu |
Guideline | Equifax | |
|
2017-10-01 20:32:41 | NBlog October 1 - security culture module (lien direct) |  Well, despite Finagle's Law, we've limped home over the finishing line. Another tidy stack of NoticeBored security awareness content is packaged up and will shortly be ready for our subscribers to download, customize and deploy.'Security culture' is the 63rd awareness topic we've covered, among the most challenging module to develop and yet also the most rewarding: it's clear, in retrospect, what an important topic this is for any organization that takes information security seriously enough to run an awareness program. In short, there is no better mechanism than an effective security awareness program with which to foster a security culture. How on Earth have we ducked the issue for so long? Perhaps it's a maturity thing. Perhaps it's cultural: we are forging new paths, heading way off the track well-beaten by more conventional security awareness programs. Just in case you missed it, there's so much more tosecurity awareness than phishing!I pity organizations that rely solely on their security and privacy policies. 'Laying down the law' is undoubtedly an important part of the process, necessary but not sufficient. If it were, speed limit signs coupled with the threat of prosecution would have long since curbed driving incidents: we'd be left dealing with genuine accidents, mechanical failures and so forth, but excess speed would hardly ever be an issue. Patently, it is not ... and that's despite the parallel investment in awareness, training and education. It doesn't take much to imagine the carnage on our roads if 'laying down the law' was all that happened. |
Equifax | ||
|
2017-09-29 16:07:09 | Here\'s What to Ask the Former Equifax CEO (lien direct) | Richard Smith -- who resigned as chief executive of big-three credit bureau Equifax this week in the wake of a data breach that exposed 143 million Social Security numbers -- is slated to testify in front of no fewer than four committees on Capitol Hill next week. If I were a lawmaker, here are some of the questions I'd ask when Mr. Smith goes to Washington. | Equifax | ||
 |
2017-09-29 13:00:00 | Things I Hearted this Week: 29th Sept 2017 (lien direct) |
We’re a whisker away from October, which means all the usual Q4 activities will soon be upon us. People will be trying to use up their annual leave before the end of the year, holiday dinners will be being planned, budget plans will be adjusted, and breaches – oh the breaches will just keep rolling to the point of fatigue. But at least they will be ginger latte flavoured breaches.
When a breach costs the top job
In an M Night Shyamalan plot twist, Richard Smith, CEO of Equifax has resigned in the wake of the huge data breach which saw an estimated 143 million records exposed.
Is there any doubt that information security should be taken seriously at the highest of levels? Or do the heads of CEOs need to roll on a more frequent basis for businesses to understand security isn’t an isolated IT issue to manage?
Equifax CEO suddenly 'retires' following an epic data breach affecting up to 143 million people | CNBC
Equifax CEO Richard Smith resigns after uproar over massive hack | Bloomberg
Trying to Stem Fallout From Breach, Equifax Replaces C.E.O. | NY Times
How much does that train journey cost?
Transport for London which runs the London underground, aka the Tube, introduced WiFi on trains a couple of years ago. Many commuters were glad to be able to connect in the otherwise dead zones, giving an excuse to stare at their phones to avoid even accidental eye contact with another Londoner making their way to or from work.
However, getting even a little bit of data attracts business attention like blood in the water attracts sharks. There are plans to track customers through their WiFi connection and then sell on the data – potentially netting Transport for London (Tfl) £322m.
Of course, this isn’t the only company to do so. Many free WiFi providers, such as those in shopping centres (malls) will track customer movement. The only way to defend against such tracking is to turn off WiFi on the device.
It reinforces how much customer data is worth, but how little people actually care, or consider the cost.
Maybe GDPR will help in this regard as Tfl will have to demonstrate consent per person for this, and also allow for opt-outs.
Tfl plans to make £322m by collecting data from passengers’ mobiles | Sky news
Transport for London bosses planning to track commuters using WiFi | Evening Standard
Here’s what Tfl learned from tracking your phone on the tube | Gizmondo
Qualifications and tech jobs
This isn’t really news – but a deb |
Equifax | ||
|
2017-09-28 13:00:00 | Report: Bank Email Fraud Increases since Equifax Breach (lien direct) | Cyberthieves are impersonating banks to send bogus "secure" bank email messages. | Equifax | ||
|
2017-09-28 12:52:26 | GDPR - Not Just a European Concern (lien direct) | The recent Equifax breach that has been all over the news raises an interesting question: How would the situation have played out if it was after May 25, 2018 when the new General Data Protection Regulations (GDPR) are due to come into force? While none of us has a crystal ball, we can bet the outcome for Equifax would be even worse. | Equifax | ||
 |
2017-09-27 14:00:00 | Tech Talk: The Equifax data breach, a new Apple Watch and the A.I. revolution (lien direct) | With the Equifax breach still making waves, the new Apple Watch now on wrists and A.I. seemingly everywhere, our panel digs into what's happening in the IT world. | Equifax | ||
|
2017-09-26 18:42:47 | It\'s Not The Crime, It\'s The Coverup or the Chaos (lien direct) | Well, Richard Smith has “resigned” from Equifax. The CEO being fired is a rare outcome of a breach, and so I want to discuss what’s going on and put it into context, which includes the failures at DHS, and Deloitte breach. Also, I aim to follow the advice to praise specifically and criticize in general, … Continue reading "It’s Not The Crime, It’s The Coverup or the Chaos" | Equifax Deloitte |
To see everything:
Our RSS (filtrered)
