This week we learned that Verizon lowered their sale of the Yahoo acquisition due to Yahoo's record breaking breaches that are now traced to a state-sponsored attack with forged cookies; cyber espionage group, APT28 AKA FancyBear is now targeting Mac's with X-Agent; and a report proves that there is a disconnect between company executives with the IT decision makers on who is responsible when cyber-attacks hit.
Why is this signficant?
- The attackers are said to gain access to accounts without needing passwords. The reason was due to the fact that the source code used to generate cookies was stolen by a potential state- sponsor. This issue has been solved by Yahoo invalidating the cookies.
- Potential affected users are being notified via email by Yahoo. Since state sponsored attacks are usually targeted attacks, the number of affected users will most likely be small.
- What is the cost of a data breach? $250M has been chipped off of the Verizon acquisition due to the recent revelations of Yahoo’s record breaking breaches.
Why is this signficant?
- X-Agent was found to be the malware culprit responsible for the Democratic National Committee (DNC) breach prior to the U.S. elections that spread via a phishing campaign.
- APT28 has many alias such as Fancy Bear and is a state-sponsored attacker originating from Russia. Apparently, APT28 is using Komplex malware targeteting Macs, and then drops in the XAgentOSX variant compromising the device. X-Agent has variants targeting Windows, iOS and Android.
- X-Agent’s track history and evolution could represent how computer viruses could easily be used as an instigator for an act of war.
There is a strong disconnect between company executives and IT decision makers on the responsibility of a cyber- attack.
Why is this significant?
- “71% of these senior executives believe cyber security to be the most significant business challenge facing them. Perhaps more significantly, almost exactly the same proportion of the IT leaders expect to be targeted by a cyber attack in the next 12 months.”
- “80% of IT teams report that their cyber security spend is part of a comprehensive strategy, but only half of the senior executives believe this to be the case. “
- We continue to see that companies need to invest in more than just the first line of defense. A comprehensive endpoint security platform containing a unique post infection protection engine eliminates obvious cyber threats and in addition stops the attacker from freezing data using ransomware, tampering data or simply stealing it.
**// Interested in comprehensive endpoint security? Prevent the consequences of cyber attacks... Read more here //**
Read the full story in Forbes