This week more details on the Equifax data breach surfaced, including the news that Equifax failed to patch a vulnerability that could have prevented the data breach; FTC publically investigates the Equifax data breach; 200,000 stolen credit cards were traced to the Equifax data breach as old as 2016, but Equifax denies these accusations.
This week ShadowBrokers released another NSA exploit, UNITEDRAKE that will probably not be noticed due to the Equifax data breach that affected at least 143 million; Apache Struts released a patch for a vulnerability that could potentially take over a website.
Highlighting the cyber-security news from the past week in a 120 sec. read. Starting
This week HBO confirmed a data breach that included exposing episodes from HBO series prior to their release dates; CISO's will be concerned with the details from Cisco's latest report; According to a survey, 72% of companies are beginning to identify the importance of endpoint solutions.
Highlighting the cyber-security news from the past week
In March 2017, Microsoft (known for fixing vulnerabilities in their software products once a month on “Patch Tuesday”) recently addressed post-infection detection, investigation, and response with their Windows Defender Advanced Threat Protection [ATP]). Microsoft is a company that is continuing to evolve in product/services, and is now
Earlier today, we caught a new in-the-wild version of what seemed to be WannaCry. A check with VirusTotal showed that this sample hasn't been seen before. After a brief investigation, we can conclude that this is WannaCry with slight variations. Notably, malware writers removed the kill switch from the original version. The fact that
This week NotPetya ran a campaign that was intially thought to be ransomware shutting down computers worldwide; A researcher revealed that Microsoft's new Surface laptop can be interupted by ransomware; Anthem agrees to $115M in settlement fees for the 2015 data breach.
Highlighting the cyber-security news from the past week in a 120 sec. read.
In the past few days a new Petya-like ransomware, dubbed NotPetya, infected machines across the world by leveraging some of the NSA’s exploits for the SMB protocol (EternalBlue, EternalRomance), similarly to the WannaCry attack last month. This attack overwrites the MBR (Master Boot Record) and encrypts the file-system, rendering the system
Today, enSilo has issued a patch that protects these vulnerable users from Windows' ESTEEMAUDIT, a remote desktop protocol (RDP) vulnerability that leaves users exposed to ransomware, espionage campaigns and other malicious code that can propagate in the enterprise.
By now everyone knows about WannaCry and the problem with unpatched systems.
Just weeks after the Shadow Brokers released the NSA Tools, the world has had its first taste of just how effective threats built with these tools can be. Beginning early on May 12th, a ransomware variant using the EternalBlue exploit for Microsoft Windows, began spreading like wildfire, locking down businesses and users in more than 90