Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords.
“Grossly inadequate” data protection measures that “failed to meet even the most basic industry standards”, and the use of the username and password ‘admin’ to protect a portal used to manage credit disputes are just a few of the accusations levelled at troubled credit services provider Equifax.
These accusations are from a securities fraud class action lawsuit over the September 2017 breach that saw the personal details of millions of users compromised.
New ‘unremovable’ xHelper malware has infected 45,000 Android devices
Factory resets aren’t helping. Neither are mobile antivirus solutions. Malware keeps reinstalling itself.
Over the past six months, a new Android malware strain has made a name for itself after popping up on the radar of several antivirus companies, and annoying users thanks to a self-reinstall mechanism that has made it near impossible to remove.
Named xHelper, this malware was first spotted back in March but slowly expanded to infect more than 32,000 devices by August (per Malwarebytes), eventually reaching a total of 45,000 infections this month (per Symantec).
The malware is on a clear upward trajectory. Symantec says the xHelper crew is making on average 131 new victims per day and around 2,400 new victims per month. Most of these infections have been spotted in India, the US, and Russia.
Making threat intelligence greater than the sum of its parts
Organisations can become more secure if they join up their varied sources of intelligence about business threats, and avoid losing valuable information within individual silos.
Far from being an activity solely undertaken by law enforcement and government agencies, effective intelligence can provide businesses with a wide range of benefits. These include reducing fraud and financial crime, enhancing cyber security and providing market insight to support better investment decisions.
Despite this, many organisations do not effectively unlock its full potential. Typically, companies do not recognise where intelligence can be found within the business, or worse, fail to coordinate the flow of intelligence across disparate functions.