Security: Patches, CCleaner, Equifax Story Changes, 'Trusted IoT Alliance', Kali Linux 2017.2 and NBN
-
Security updates for Thursday
-
[Ubuntu] Security Team Weekly Summary: September 21, 2017
-
The CCleaner Attack Was Worse Than We Knew
-
Massive Equifax hack reportedly started 4 months before it was detected
The first evidence of the hackers' "interaction" with the Equifax network occurred on March 10, according to the report, which cited a confidential note that security firm FireEye sent to some Equifax customers. By then, a critical vulnerability in the Apache Struts Web application framework was already under active exploit on the Internet. Equifax officials have said the Struts flaw was the opening that gave attackers an initial hold in the targeted network.
Equifax has said that the breach that exposed sensitive data for as many as 143 million US consumers started on May 13 and lasted until July 30. The company didn't disclose the breach until September 7.
The attackers, according to the WSJ, eventually entered the command "Whoami," giving them the capability to determine the user account they had compromised. It was likely the beginning of months of painstaking hacking as the attackers attempted to escalate their privileges and intrude further into the Equifax network. Sometime between May and late July, the hackers accessed files that contained Equifax credentials and "performed database queries that provided access to documents and sensitive information stored in databases in an Equifax legacy environment," the report said. Eventually, the attackers accessed "numerous database tables in several databases."
-
Equifax's Troubles Grow With News of Prior Breach, DOJ Investigation Into Stock Trades
-
Equifax Canada says 100,000 Canadians may be affected by cyberattack
-
Equifax's disastrous Struts patching blunder: THOUSANDS of other orgs did it too
-
8 best practices for managing software patches
-
Plenty of blame to go around for Equifax breach
Mark Sangster, VP and Industry Security Strategist at eSentire, says, “Given the nature of Equifax data and the magnitude of the breach make this a watershed moment in breach detection and response. Many difficult questions will be asked and become the crux of numerous legal actions that will likely stem from this event. The most obvious, is why it took so long to disclose the breach. The risk to consumers begins to drop exponentially as soon as the breach becomes public, and affected companies and consumers can take defensive measures to protect their financial identity and funds.
-
Corporate America still using Equifax-like software even after hack
-
New alliance advocates the blockchain to improve IoT security, trust
-
Newly Launched 'Trusted IoT Alliance' Unites the Industry to Further a Blockchain-based Internet of Things
-
'Trusted IoT Alliance' Launches Effort to Establish a Blockchain-based Internet of Things for the Supply Chain
-
5 Ways Cisco's Trusted IoT Alliance Will Use Blockchain To Make IoT More Secure -- And What It Means For Partners1
-
Kali Linux 2017.2 Security OS Released With New Hacking Tools – Download Now!!!
-
Kali Linux 2017.2 Ethical Hacking & Pentesting OS Introduces New Security Tools
Offensive Security announced the release and general availability of the Kali Linux 2017.2 installation images for their advanced penetration testing and ethical hacking GNU/Linux distribution.
Kali Linux is the successor of the well-known Debian/Ubuntu-based BackTrack ethical hacking and penetration testing distro, and it follows a rolling release model where the user installs once and receives updates forever, or at least until he decides to reinstall.
If that's the case, the Kali Linux 2017.2 installation mediums are now available for download, and they include a bunch of general performance improvements and bugfixes, along with new security tools. The new images include all the updates pushed through the official channels since April's release of Kali Linux 2017.1.
-
NBN launches Tech Lab to collect data and resolve connection issues
- Login or register to post comments
- Printer-friendly version
- 2861 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago