Hacks & Hackers

North American firms may be early targets of EU regulators once the GDPR data privacy laws go into effect in May, 2018.

US Firms May Be Early GDPR Targets

Large US firms may be among the first targets of EU regulators once the General Data Protection Rule goes into effect. (Editor’s Note: this blog post first appeared on Digital Guardian’s Digital Insider blog. You can read the full post here. )

Furby Connect - just one of many insecure, connected toys for sale this holiday season.

Surveillance Under The Tree: Connected Device Audit Turns up Sensors, Security Holes

Sensors and security holes are common companions on a range of connected toys and consumer devices available to consumers this holiday season. 

Equifax said the breach of its network and theft of data on 140 million individuals has cost the company $87 million so far.

Equifax says breach cost it $87m

Data broker Equifax said that the data breach that spilled information on some 140 million individuals has cost the company $87 million so far, with more costs likely in the future. The disclosure, made as part of the company’s quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company’s stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Equifax said that it recorded $87.5 million in expense related to the cybersecurity incident in the third quarter of 2017. But its worth digging into that number to sort out real from anticipated costs. Around $55.5m of the $87.5m in breach related costs stems from Product costs. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it […]

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.