Category: Tech

Digital security is your business.

‘Terrified’ 60-year-old woman told to pay up for illegally downloading porn
Edit: Just to reinforce the lessons of the article, the demand for payment is legit, although unethical. The woman supposedly had her machine cracked, vector unknown. A file-sharing program was installed without her knowledge and it was sharing copyright material.
It’s the cost of being online. Buy/subscribe to anti-malware/anti-virus programs. Keep your machines up to date, upgrade the machines if the OS goes out of date.

Trust Nothing

A version of Piriform’s CCleaner was injected with a trojan during the build.

Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process. We also immediately contacted law enforcement units and worked with them on resolving the issue. Before delving into the technical details, let me say that the threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker, and we’re moving all existing CCleaner v5.33.6162 users to the latest version.

Equifax

It’s a biggie.

“This is massive,” said Paul Martini, chief executive officer of Iboss, a cybersecurity firm. “This overshadows any other breach that we’ve seen to date — not just the volume, the size, but the type of data that was in that database.”

WikiLeaks Latest in Vault 7

Breitbart reporting on the latest leaks out of Wikileaks.

WikiLeaks’ latest release in their CIA Vault 7 series details a number of advanced hacking tools that fall under the title of “Project Imperial.” The programs “Achilles” and “SeaPea” both target MacOS while the “Aeris” program targets Linux based systems. The WikiLeaks release page states that CIA agents can use Achilles to, “Trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution.”

H/t: Adrian

The Cloud

Centralize your and your customers data with hard to learn API’s and confusing security options! Join now for just half the price of a good IT person!

The exposed data includes the names, addresses, account information, email addresses, and last four digits of credit card numbers of millions of subscribers to Dow Jones publications like The Wall Street Journal and Barron’s. Also exposed in the cloud leak were the details of 1.6 million entries in a suite of databases known as Dow Jones Risk and Compliance, a set of subscription-only corporate intelligence programs used largely by financial institutions for compliance with anti-money laundering regulations.

An “outsourcer and cost-cutter”

Not much meat in the article to justify this headline, but still:

British Airways boss ‘tries to gag staff’ over IT failure which hit 300,000 passengers after ‘inexperienced staff outsourced to India didn’t know to launch back up system’

If true, no surprise. IT is and always will be thought of as a cost centre in business. I have some trepidation about the mass movement in business to more and more network based (read: cloud, off-shore administration) focused technologies.

Navigation