In-brief: Equifax said on Friday that its Chief Information Officer and Chief Security Officer had “retired” in the wake of a massive data breach that leaked sensitive on some 143 million people.
In-brief: Beset by a plunging share price, class action lawsuits in dozens of states, pending Congressional hearings and a FTC investigation, Equifax on Wednesday finally settled speculation and named a six month old hole in a common software platform, Apache Struts, as the cause of a massive hack.
In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center.
In-brief: A British researcher who became a hero after he stopped the WannaCry ransomware from spreading globally has been apprehended in Nevada and charged with distributing the Kronos banking trojan in the U.S. between July 2014 and July 2015.
Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East
Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services. The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]