Articles about incident response


VirusTotal slips on biz suit, says Google's daddy will help the search for nasties

Alphabet-owned malware aggregator website VirusTotal has given itself an enterprise-focused makeover. The firm said the reboot takes advantage of Alphabet's "increased scalability of data collection, processing, and search" to help threat intel teams work faster. Front and centre of the upgrade is the introduction of Private …
John Leyden, 28 Sep 2018

Can't read my, can't read my... broker face: Premium Credit back online a week after cyber attack

UK-based insurance services firm Premium Credit has hauled itself back online following a malware-based attack that struck the business more than a week ago. Premium Credit underwrites insurance premiums for a network of brokers, business and personal customers and has 400 staffers across the UK and Ireland. In a statement on …
John Leyden, 26 Sep 2018

Oh Smeg! Hacked white goods maker resurfaces after system shutdown

The Brit limb of unfortunately named and reassuringly expensive domestic appliance maker Smeg is up on its feet again after being hacked. The firm said yesterday it was "back up and running" after an "unfortunate cyber attack" that hit Wednesday 12 September. …
John Leyden, 18 Sep 2018

Veeam holds its hands up, admits database leak was plain 'complacency'

Veeam has blamed "human error" for the exposure of a marketing database containing millions of names and email addresses. The unencrypted MongoDB resource was left open for anyone to view after a migration between different AWS systems, Peter McKay, co-CEO and president at Veeam, told The Register. The resource – which wasn't …
John Leyden, 14 Sep 2018

British Airways hack: Infosec experts finger third-party scripts on payment pages

Security experts are debating the cause of the British Airways mega-breach, with external scripts on its payment systems emerging as a prime suspect in the hack. Why infosec folk think it was the payment system: Although BA hasn't disclosed the root of the breach, the unusual precision it ascribed to the hack's duration …
John Leyden, 11 Sep 2018

Revealed: British Airways was in talks with IBM on outsourcing security just before hack

Exclusive: Just weeks before being hacked in late August, British Airways' parent IAG was planning to outsource its cybersecurity to IBM, admitting it needed a "group-wide strategic and proactive approach" to counter threats. The memo in full: Subject: Group IT Cyber Security Update From: John Hamilton Sent: 01 August 2018 13:56 All …
John Leyden, 7 Sep 2018

Premera Blue Cross hacker victims claim insurer trashed server to hide data-slurp clues

Health-insurance biz Premera Blue Cross has been accused of deliberately knackering one of its computers to cover up details of a cyber-break-in. The organization denies any wrongdoing. The allegation was leveled last week against Premera, and is the latest twist in a long-running class-action lawsuit filed by the insurer's …
John Leyden, 6 Sep 2018

Adidas US breach may have exposed millions of customers' personal info

Adidas warned late on Thursday that hackers may have lifted customer data from its US website. The sportswear maker said personal data, including contact information (addresses and email addresses), and encrypted passwords may have fallen into the hands of criminals, but was able to reassure customers that neither financial …
John Leyden, 29 Jun 2018

Ex-CEO on TalkTalk mega breach: It woz 'old shed' legacy tech wot done it

Infosec Europe: Baroness Dido Harding, former chief exec of Brit telco TalkTalk, warned other business leaders of the dangers posed by legacy tech in the opening keynote of the Infosecurity Europe conference in London. Harding stood by TalkTalk's decision to alert its customers to the company's notorious October 2015 breach the same day it …
John Leyden, 5 Jun 2018

UK health service boss in the guts of WannaCry outbreak warns of more nasty code infections

The UK's National Health Service has learned from last year's WannaCry attack – and started putting in place disaster recovery measures that will allow it to maintain services in the face of an even fiercer assault. The worldwide spread of WannaCry last May hit hospital networks particularly hard and left doctors and nurses …
John Leyden, 13 Apr 2018

Gosh, these 'hacker' nerds are only getting more sophisticated

Hackers have moved away from simple point-of-sale (POS) terminal attacks to more refined assaults on corporations' head offices. An annual report from security firm Trustwave out today highlighted increased sophistication of web app hacking and social engineering tactics on the part of miscreants. Half of the incidents …
John Leyden, 5 Apr 2018

US spanks EU businesses in race to detect p0wned servers

European organisations are taking longer to detect breaches than their counterparts in North America, according to a study by FireEye. Organisations in EMEA are taking almost six months (175 days) to detect an intruder in their networks, which is rather more than the 102 days that the firm found when asking the same questions …
John Leyden, 5 Apr 2018

UK Treasury Committee chairman calls on Equifax to answer for breach omnishambles

Equifax may soon face the wrath of UK politicians after the chairman of the country's House of Commons Treasury Committee demanded answers from the firm over its handling of its recent data breach. Nicky Morgan MP has written to the chief executive of Equifax Limited asking for further details about the scale of the breach, …
John Leyden, 12 Oct 2017

Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster

VB2017: Avast staffers spoke at the Virus Bulletin International Conference in Madrid, Spain, on Thursday to shed more light on their postmortem of the CCleaner fiasco – and urge developers to protect their software's toolchain and distribution systems from hackers. The widely used utility, which removes unwanted temporary files and …
John Leyden, 6 Oct 2017

Ouch: Brit council still staggering weeks after ransomware bit its PCs

A ransomware assault late last month is continuing to affect the operations of Copeland Borough Council in the northwest of England. The processing of planning applications is still being affected weeks after a major cyberattack hit the council in rural North West England. The planning application for a housing development of …
John Leyden, 29 Sep 2017

What's that, Equifax? Most people expect to be notified of a breach within hours?

Equifax hasn't found time for a houseclean and is making claims of authority and competence about security breaches that, following its own recent high profile breach, come off as pretty cringeworthy. An autumn 2016 whitepaper from Equifax - still available here at the time of publication – attempts to position the credit …
John Leyden, 19 Sep 2017

FireEye pulls Equifax boasts as it tries to handle hack fallout

FireEye removed an Equifax case study* from its website in response to a recently disclosed mega-breach at the credit reference agency. Equifax’s endorsement that FireEye’s tech protected it against zero-day and targeted attacks had more than the whiff of hubris about it once it emerged hackers had successfully pwned the …
John Leyden, 11 Sep 2017

Virgin America workers reset passwords after hacker's crash landing

Virgin America's staff and contractors have been told to change their passwords after a hacker raided the airline's systems. The T-Mobile-USA-of-the-skies revealed in a letter to its workforce that its network was compromised by one or more miscreants. A copy of the missive was, as required by law, shared with California's …


Biting the hand that feeds IT © 1998–2018