Tag: crime

Equifax Executives Depart Amid Growing Backlash

Equifax Executives Depart Amid Growing Backlash

In-brief: Equifax said on Friday that its Chief Information Officer and Chief Security Officer had “retired” in the wake of a massive data breach that leaked sensitive on some 143 million people. 

Equifax named a six month old vulnerability as the cause of a devastating hack of information on 140 million people. It was patched in August.

Beset by Lawsuits, Scams, Investigations, Equifax names Source of Breach

In-brief: Beset by a plunging share price, class action lawsuits in dozens of states, pending Congressional hearings and a FTC investigation, Equifax on Wednesday finally settled speculation and named a six month old hole in a common software platform, Apache Struts, as the cause of a massive hack.

A flaw in smart cameras sold by Samsung leaves them vulnerable to remote attack, researchers claim.

A Year After Mirai: Insecure Devices are still a Huge Problem

In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center. 

FBI agents arrested researcher Marcus Hutchins in Las Vegas Wednesday in connection to the Kronos Banking Trojan.

Hero WannaCry Researcher Charged over Links to Kronos Trojan

In-brief: A British researcher who became a hero after he stopped the WannaCry ransomware from spreading globally has been apprehended in Nevada and charged with distributing the Kronos banking trojan in the U.S. between July 2014 and July 2015.

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services.  The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]