SEC admits data breach, suggests illicit trading was key
“Regulator database opened”
The SEC has admitted to being hacked in 2016, with illegal trading potentially at the root of the breach. On Wednesday, SEC Chairman Jay Clayton said one of the financial regulator’s databases, containing corporate announcements, was compromised and may have been used to gain an advantage in stock trading.
CCleaner Hack Carried Out In Order to Target Big Tech Companies
“Group believed to operate out of China”
The CCleaner hack that took place over the summer and came to light this week might have been carried out by an infamous cyber-espionage group, believed to be operating out of China, and which targeted a list of who’s who of western tech companies. Thin lines connect evidence collected from the CCleaner incident to the activity of a cyber-espionage group that goes primarily by the name of Axiom, but is also referenced as APT17, DeputyDog, Tailgater Team, Hidden Lynx, Voho, Group 72, or AuroraPanda.
The malware injected into #CCleaner has shared code with several tools used by one of the APT groups from the #Axiom APT 'umbrella'.
— Costin Raiu (@craiu) September 19, 2017
Attackers Take Over WordPress, Joomla, JBoss Servers to Mine Monero
“Frequency of attacks up about 6 times”
Attacks aimed at delivering cryptocurrency mining tools on enterprise networks have gone up significantly, according to telemetry data collected by IBM’s X-Force team between January and August 2017. A recent report by fellow cyber-security firm Kaspersky found that cryptocurrency mining malware also infected over 1.65 million machines running Kaspersky solutions in the first eight months of the year.
Equifax Sent Breach Victims to Fake Website
“Failure after failure”
Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. Equifax staff advised breach victims on Twitter at least 8 times to access securityequifax2017.com instead of equifaxsecurity2017.com, the website created by the credit reporting agency following the hacker attack that affected as many as 143 million consumers in the U.S., 400,000 in the U.K. and 100,000 in Canada.
Enjoy your read? Check out our other content here.