A Review of the Best News of the Week on Cyber Threats & Defense
Understanding the Equifax Data Breach (Anna Slomovic | Managing Personal Data)
“Like many people, I have been watching the unfolding events around the Equifax data breach with morbid fascination. I have a special interest—I was Equifax’s Chief Privacy Officer for three years until January 2014.”
Equifax Breach Fallout: Your Salary History (Krebs on Security, Oct 08 2017)
In May, KrebsOnSecurity broke a story about lax security at a payroll division of big-three credit bureau Equifax that let identity thieves access personal and financial data on an unknown number of Americans. Incredibly, this same division makes it simple to access detailed salary and employment history on a large portion of Americans using little more than someone’s Social Security number and date of birth — both data elements that were stolen in the recent breach at Equifax.
Unmasking the ransomware kingpins (Elie on Internet Security and Performance, Oct 08 2017)
This blog post exposes the cybercriminal groups that dominate the ransomware underworld, and analyzes the reasons for their success. This is the third and final blog post of a series on ransomware economics.
Advanced Threat Analytics security research network technical analysis: NotPetya (Microsoft Secure, Oct 03 2017)
On June 27, 2017, reports on a new variant of Petya (which was later referred to as NotPetya) malware infection began spreading across the globe. It seems the malware’s initial infection was delivered via the “M.E.doc” update service, a Ukrainian finance application. Based on Microsoft’s investigation so far, the propagation steps executed by the malware can be considered sophisticated and well tested.
New 4G, 5G Network Flaw ‘Worrisome’ (Dark Reading, Oct 09 2017)
Weaknesses in the voice and data convergence technology can be exploited to allow cybercriminals to launch DoS attacks and hijack mobile data.
Forrester.com Experienced A Cybersecurity Incident (Forrester Blogs, Oct 06 2017)
Forrester.com experienced a cybersecurity incident this week. To date, the investigation has determined that the attack was limited to research reports made available to Forrester clients on Forrester.com. There is no evidence that confidential client data, financial information, or confidential employee data was accessed or exposed as part of the incident. Preliminary forensic evidence suggests that the hacker was ultimately detected and shut out of the system; remediation steps were taken.
Forget stealing data — these hackers broke into Amazon’s cloud to mine bitcoin (Business Insider, Oct 08 2017)
A report from the security intelligence group RedLock found at least two companies which had their AWS cloud services compromised by hackers who wanted nothing more than to use the computer power to mine the cryptocurrency bitcoin.
POS Malware Breach Sees Payment Cards Hit Underground Shops (X-Force Research – Security Intelligence, Oct 03 2017)
Here are several Payment Card Industry Data Security Standard (PCI DSS) compliance and security hygiene measures implemented to help mitigate the threat from the more obvious entry points.
Hundreds of Printers Expose Backend Panels and Password Reset Functions Online (BleepingComputer, Oct 09 2017)
A security researcher has found nearly 700 Brother printers left exposed online, allowing access to the password reset function to anyone who knows what to look for.
KnockKnock campaign targets Office 365 corporate email accounts (Help Net Security, Oct 09 2017)
The KnockKnock campaign focuses on precision targeting instead of high-volume targeting; attacks averaged five email addresses for each customer.
Job seekers, freelance journalists targeted in Atlantic Magazine scam (SC Magazine, Oct 06 2017)
Freelance writers were the targets of a phishing scam when they received emails purportedly from editors at The Atlantic offering non-existent jobs.