Threats

Equifax named a six month old vulnerability as the cause of a devastating hack of information on 140 million people. It was patched in August.

Beset by Lawsuits, Scams, Investigations, Equifax names Source of Breach

In-brief: Beset by a plunging share price, class action lawsuits in dozens of states, pending Congressional hearings and a FTC investigation, Equifax on Wednesday finally settled speculation and named a six month old hole in a common software platform, Apache Struts, as the cause of a massive hack.

Bluetooth Flaw affects Billions of Devices and has a Name: BlueBorne

Bluetooth Flaw affects Billions of Devices and has a Name: BlueBorne

In-brief: Dubbed BlueBorne, the flaw could affect billions of devices that use the Bluetooth wireless protocol, enabling remote hacks, the security firm Armis warned. 

Equifax said last week that hackers may have made off with information on 143 million individuals. But the company's response to the hack may have angered customers more than the hack itself. (Image courtesy of Equifax.)

Inside the Equifax Hack, Facebook’s Problem with Authoritarianism & ASPertise harnesses Asperger’s Syndrome

In-brief: In this week’s podcast, Security Ledger Editor in Chief Paul Roberts talks with noted security researcher Robert “RSnake” Hansen about the data breach at Equifax and why the company’s response to it was so lacking. Also: Chris Sumner of the Online Privacy Foundation talks about why Facebook is a killer app for information operations and we talk to the president of ASPertise: a consulting firm by and of professionals with Aspergers and Autism spectrum disorders.

Facebook said thousands of ads that ran on its site in 2015 and 2016 have links to Russian information operations.

Facebook: Russia’s Hand in Disinformation Campaign That Reached Millions

In-brief: Facebook said thousands of ads that ran on its site in 2015 and 2016 have links to Russian information operations. The ads were designed to foment discord around a range of issues. 

A flaw in smart cameras sold by Samsung leaves them vulnerable to remote attack, researchers claim.

A Year After Mirai: Insecure Devices are still a Huge Problem

In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center.