A court ruling means that Yahoo! and its parent company, Verizon, could end paying a heavy price for the huge breaches that saw more than 1 billion people’s details compromised.
The energy sector in Europe and North America is being targeted by a new wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.
The law enforcement agency has met with firms in the energy and tech sectors.
More Equifax News from Brian Krebs
Yes it is worse than we were told.
…an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”
Great advice about what to do now and how to protect yourself.
Do not use their “Have I been breached” website. Brought to you by the same idiots who lost your data in the first place – so what do YOU think?
What else! How about this?
US-CERT to Discontinue SMS Text Messages
US-CERT will be discontinuing SMS text messages (wireless alerts) this month. To ensure you continue receiving the latest information about security topics and threats, please update your subscriber profile to include an email address. Alternatively, subscribe here using your email address.
If you’re receiving this notification via email, you do not need to take any action. As we approach October, National Cyber Security Awareness Month, consider sharing the following link with friends and family so that they can stay current on risks potentially affecting their systems and data: https://www.us-cert.gov/ncas. At the bottom of every US-CERT.gov webpage is a link to subscribe to email alerts.
09/19/2017 01:44 PM EDT Original release date: September 19, 2017
Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. Floxif malware collects information from the victim’s system and can download additional malware to the system.
US-CERT encourages users and administrators to review the Piriform Security Notification and apply the necessary update.
These massive spam campaigns are disguised as invoice notices, voicemail memos, and Amazon Marketplace messages. See examples at Barkly blog