Articles about incident response

UK Treasury Committee chairman calls on Equifax to answer for breach omnishambles

Equifax may soon face the wrath of UK politicians after the chairman of the country's House of Commons Treasury Committee demanded answers from the firm over its handling of its recent data breach. Nicky Morgan MP has written to the chief executive of Equifax Limited asking for further details about the scale of the breach, …
John Leyden, 12 Oct 2017
PHP, image via Shutterstock

Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster

VB2017 Avast staffers spoke at the Virus Bulletin International Conference in Madrid, Spain, on Thursday to shed more light on their postmortem of the CCleaner fiasco – and urge developers to protect their software's toolchain and distribution systems from hackers. The widely used utility, which removes unwanted temporary files and …
John Leyden, 6 Oct 2017
League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC

Ouch: Brit council still staggering weeks after ransomware bit its PCs

A ransomware assault late last month is continuing to affect the operations of Copeland Borough Council in the northwest of England. The processing of planning applications is still being affected weeks after a major cyberattack hit the council in rural North West England. The planning application for a housing development of …
John Leyden, 29 Sep 2017

Equifax CEO falls on his sword weeks after credit biz admits mega-breach

Equifax's chairman and chief exec today resigned, weeks after the consumer credit reporting agency admitted a massive security breach. Richard Smith, who "retires" with immediate effect, has joined a growing list of senior people that exited Equifax in the wake of the mega leak that affected in excess of 100 million consumers …
John Leyden, 26 Sep 2017
dumb_and_dumber_648

What's that, Equifax? Most people expect to be notified of a breach within hours?

Equifax hasn't found time for a houseclean and is making claims of authority and competence about security breaches that, following its own recent high profile breach, come off as pretty cringeworthy. An autumn 2016 whitepaper from Equifax - still available here at the time of publication – attempts to position the credit …
John Leyden, 19 Sep 2017
Woman and gun photo via Shutterstock

FireEye pulls Equifax boasts as it tries to handle hack fallout

FireEye removed an Equifax case study* from its website in response to a recently disclosed mega-breach at the credit reference agency. Equifax’s endorsement that FireEye’s tech protected it against zero-day and targeted attacks had more than the whiff of hubris about it once it emerged hackers had successfully pwned the …
John Leyden, 11 Sep 2017
airplane

Virgin America workers reset passwords after hacker's crash landing

Virgin America's staff and contractors have been told to change their passwords after a hacker raided the airline's systems. The T-Mobile-USA-of-the-skies revealed in a letter to its workforce that its network was compromised by one or more miscreants. A copy of the missive was, as required by law, shared with California's …
Frustrated accountant puts head in hands. Photo by Shutterstock

Insurers claim cyber calamities could cost more than Hurricane Sandy

Analysis A study aiming to raise the profile of cyber insurance claims that cloud outages and ransomware outbreaks on the WannaCry scale could cost companies $81.7bn – more than natural disasters like 2012's Hurricane Sandy. That's an awful lot of money, but wait – before you fish out the wallet – how did the authors arrive at these …
John Leyden, 18 Jul 2017

The AA's copped to credit data blurt, but what about car-crash incident response?

UK motoring organisation The AA belatedly admitted late on Friday, July 7th that customer data – including in some cases partial credit card numbers – had been exposed in a recent breach. Security experts gave the confession a frosty response while a specialist IT lawyer said incident response handling of this type would risk …
John Leyden, 10 Jul 2017

Braking news: AA password reset email cockup crashes servers

UK car insurance giant the AA caused all sorts of confusion on Monday after accidentally sending out a "password update" email to people. The alert led to motorists rushing to log into the motoring organization's website to change their passwords, only to overload the servers and effectively run them over. Brits were furious …
John Leyden, 26 Jun 2017

Cybercriminals getting as good as nation state spies – report

The European energy sector is being targeted by advanced threat actors seeking proprietary information to advance the capabilities of domestic companies, according to FireEye Mandiant. The latest annual report by FireEye's incident response arm further warns that cyber threat groups are also targeting European industrial …
John Leyden, 14 Mar 2017

Good guy Logic Supply resolves breach in days, unlike some companies

US-based industrial computer supplier Logic Supply has reset user passwords following a suspected security breach. Unauthorised access through the firm's website on 6 February may have exposed customer/company names, usernames and passwords, and order information. Payment card details were not exposed, Logic Supply reassured …
John Leyden, 8 Feb 2017

Some! at! Yahoo! knew! about! mega-breach! as! early! as! 2014!

Yahoo! knew it had been compromised by a state-sponsored hackers in 2014 despite not publicly disclosing this crucial information until 2016. The disclosure of some internal knowledge prior to public admission of a problem in September 2016 comes from a recent SEC filling, in paragraphs covering the investigation of the …
John Leyden, 10 Nov 2016

Post-referendum UK still part of Euro cyberterror stress test... for now

European enterprises are teaming with information security agencies and governments to run a pan-European cyberwar readiness exercise today. Cyber Europe 2016 - which involves thousands of experts from all 28 EU Member States, Switzerland and Norway - is being co-ordinated by European Union security agency ENISA. It's the …
John Leyden, 14 Oct 2016

NHS hospitals told to swallow stronger anti-ransomware medication

NHS Digital is set to start expanding the range of cybersecurity services available to UK hospitals and clinics. CareCERT (Care Computer Emergency Response Team) launched in November 2015, offering a national service that helps health and care organisations to improve their cybersecurity defences by providing proactive advice …
John Leyden, 9 Sep 2016
Engineer aboard Das Boot U-96 responds to telegraphs

Cisco warns responders: Drop ego, assimilate with the IR playbook

Cisco wants incident responders to be more self-conscious. The Borg's seasoned computer security incident response team boffins Gavin Reid and Jeff Bollinger say a knock to the ego will help combat the Dunning-Kruger effect in which over-confidence and a steering away from the rule book can lead to dangerous oversights. The …
Darren Pauli, 27 Jul 2016

ANZ Bank staffers drop slick incident response tool for Mandiant mobs

Security boffins at ANZ, one of Australia's largest banks, have offered their nightHawk incident response tools for organisations running free Mandiant tools. Mandiant's open source platform is fit for enterprises requiring incident response at scale, and can run off a laptop for many investigations. ANZ bank security …
Darren Pauli, 15 Jul 2016
Image by Walther S http://www.shutterstock.com/gallery-955900p1.html

The six stages of post-security incident grief avoidance

AusCERT Audio Security and forensics man Ashley Deuble has outlined the six stages of good incident response that if followed could bring an enterprise in line with Fortune 50 best practice. The Griffith University security manager says the steps of preparation; identification; containment; eradication; recovery, and lessons learned are …
Darren Pauli, 26 May 2016

Create a news alert about incident response, or find more stories about incident response.

Biting the hand that feeds IT © 1998–2017