Data broker Equifax said that the data breach that spilled information on some 140 million individuals has cost the company $87 million so far, with more costs likely in the future.The disclosure, made as part of the company’s quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company’s stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders.
A new ransomware strain called Ordinypt is currently targeting victims in Germany, but instead of encrypting users’ documents, the ransomware rewrites files with random data.
Wannabe hackers looking to create their very own Reaper botnet might have gotten more than they asked when they downloaded an IP scanner over the past few weeks. The IP scanner is a PHP file that was made available as a free download a few weeks back after news broke about Reaper, a botnet made up of vulnerable routers and IoT devices.
Google announced plans for three new Chrome security features that will block websites from sneakily redirecting users to new URLs without the user or website owner’s consent. While all three additions are welcomed, one of these features has the potential to stop a few malvertising campaigns dead in their tracks, and could potentially disrupt the malware scene in the next few months.
If you get an email from Netflix telling you that your account is suspended due to a problem validating your credit card, don’t believe it. It’s almost certainly a sophisticated phishing scam that first made its appearance early this year and has since gone out to tens of millions of people. And it appears to be working: Wired reports that the cybercriminals behind the scam have continued to send it out with almost no alterations, a likely sign that it’s proving effective as a way to fool people into revealing their Netflix username and password, and even credit card numbers, home address, and date of birth. The miscreants can sell all this useful data on the dark web.