Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Yahoo! braces itself for enormous class-action suit over breaches

A court ruling means that Yahoo! and its parent company, Verizon, could end paying a heavy price for the huge breaches that saw more than 1 billion people’s details compromised.

Dragonfly: Western energy sector targeted by sophisticated attack group

The energy sector in Europe and North America is being targeted by a new wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.

FBI reportedly advising companies to ditch Kaspersky apps

The law enforcement agency has met with firms in the energy and tech sectors.

Kaspersky Lab’s tussle with the US government could have ramifications for its dealings with the private sector. A new report claims the FBI has been meeting with companies to warn them of the threat posed by the cybersecurity firm. The briefings are the latest chapter in an ongoing saga concerning the use of Kaspersky’s products by government agencies. Officials claim the company is a Russian stooge that can’t be trusted with protecting America’s critical infrastructure. The company denies these claims — its CEO Eugene Kaspersky has even offered up its source code in a bid to clear his firm’s name.
Due to global political events, I can no longer recommend Kaspersky.  It may be fine today, but one update can introduce a remote access backdoor to any system running Kaspersky software.

More Equifax News from Brian Krebs

Yes it is worse than we were told.

Ayuda! (Help!) Equifax Has My Data!

…an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”

The Equifax Breach: What You Should Know

Great advice about what to do now and how to protect yourself.

Equifax Breach Response Turns Dumpster Fire

Do not use their “Have I been breached” website.  Brought to you by the same idiots who lost your data in the first place – so what do YOU think?

Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

What else!  How about this?

Equifax has been sending customers to a fake phishing site for weeks

IRS Issues Urgent Warning to Beware IRS FBI Themed Ransomware Scam

US-CERT to Discontinue SMS Text Messages

US-CERT will be discontinuing SMS text messages (wireless alerts) this month. To ensure you continue receiving the latest information about security topics and threats, please update your subscriber profile to include an email address. Alternatively, subscribe here using your email address.

If you’re receiving this notification via email, you do not need to take any action. As we approach October, National Cyber Security Awareness Month, consider sharing the following link with friends and family so that they can stay current on risks potentially affecting their systems and data: https://www.us-cert.gov/ncas. At the bottom of every US-CERT.gov webpage is a link to subscribe to email alerts.

Avast’s Piriform Releases Security Update for CCleaner

09/19/2017 01:44 PM EDT Original release date: September 19, 2017

Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. Floxif malware collects information from the victim’s system and can download additional malware to the system.

US-CERT encourages users and administrators to review the Piriform Security Notification and apply the necessary update.

27 Million Emails Just Went Out Spreading a New Variant of Locky Ransomware

These massive spam campaigns are disguised as invoice notices, voicemail memos, and Amazon Marketplace messages.  See examples at Barkly blog



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.