Equifax Sent Breach Victims to Fake Website
Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. Equifax staff advised breach victims on Twitter at least 8 times to access securityequifax2017.com instead of equifaxsecurity2017.com, the website created by the credit reporting agency…
Leaking Cloud Databases and Servers Expose Over 1 Billion Records
As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple permission error or server…
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to compromise the company’s networks? Equifax has yet to share more details about how the attack was pulled off, but a report by financial services firm Robert W. Baird & Co….
143 Million Affected in Hack of U.S. Credit Agency
A major American credit reporting agency entrusted to safeguard personal financial information said Thursday hackers looted its system in a colossal breach that could affect nearly half the US population as well as people in Britain and Canada. Equifax said that a hack it learned about on July 29 had the potential to affect 143…
Blindfolded on the Battlefield: The Importance of Threat Hunting in the Modern Age
One of the fundamental problems with cybersecurity is that organizations often do not realize when they are compromised. Traditional incident response methods are typically reactive, forcing security teams to wait for a visible sign of an attack. The problem is that many attacks today are stealthy, targeted and data-focused. Just stop for a moment to…
HBO hackers threaten to leak final episode of Game of Thrones Season 7
The attackers responsible for hacking HBO warned that they are about to leak this year’s final episode of Game of Thrones. You may have to dodge and weave as you navigate the web if you don’t want to know what happens in the final episode. (No worries; no spoilers here.) The hacking group behind the…
Sweden Rattled by Massive Confidential Data Leak
Sweden’s minority government was battling to contain the fallout Monday after a massive leak that may have made confidential military information accessible abroad, as well as the private data of millions of citizens. The leak made an entire database on Swedish drivers’ licenses available to technicians in the Czech Republic and Romania, with media reporting…
Businesses overconfident about keeping attackers at bay
Despite the increasing number of data breaches and nearly 1.4 billion data records being lost or stolen in 2016, the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks. However, companies are under investing in technology that adequately protects their business, according to Gemalto.
PoS Malware Hits Avanti Payment Kiosks
Micro markets solutions provider Avanti Markets has informed customers that their personal, payment card and biometric data may have been stolen by cybercriminals who managed to infect some of its kiosks with malware. According to the company, which serves 1.6 million customers across 46 U.S. states, the malware was designed to harvest information such as…
Know the Odds: The Cost of a Data Breach in 2017
We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization. Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When…