The data-wiping Shamoon malware resurfaced this week at Italian oil and gas contractor Saipem, where it destroyed files on about 10 percent of company PCs, according to a published report. The attacks may be linked to Saipem’s work with Saudi Aramco, a target of earlier Shamoon attacks.
Hacks & Hackers
Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when when drawing conclusions about high-profile cyber attacks.
Podcast Episode 123: HaveIBeenPwned’s Troy Hunt on Marriott’s Big Mess and GreatHorn on the Asymmetric Threat of Email
Thanks to our friends at GreatHorn for sponsoring this week’s podcast. In this episode of the Podcast, # 123: Troy Hunt, the founder of HaveIBeenPwned.com joins us to talk about Marriott International’s big mess: a breach of Starwood Hotels’ reservation system that revealed information on half a billion (with a “B”) guests. And, in our second segment: you’ve heard of Business Email Compromise attacks but what about Business Service Impersonation scams? In our second segment we speak with Kevin O’Brien the CEO and co-founder of GreatHorn about using machine learning to defend against asymmetric messaging threats.
The Marriott breach underscores how companies fail to price in the risk of poor data security. In the age of GDPR, that could be an expensive failure.
A massive database holding more than 114 million records of U.S. citizens and companies was discovered sitting online unprotected due to misconfigured search, a data leak that is estimated to affect about 83 million people.