Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

admin
Pinned October 18, 2017

<> Embed

@  Email

Report

Uploaded by user
Equifax may have been hacked again
<> Embed @  Email Report

Equifax may have been hacked again

Mariella Moon, @mariella_moon

October 12, 2017
Equifax may have been hacked again | DeviceDaily.com
AOL

When Equifax’s interim CEO penned a letter of apology on The Wall Street Journal, he admitted that it will take a lot of effort to regain people’s trust. Unfortunately, the company still seems to be lacking when it comes to security, because according to Ars Technica, it’s been hacked yet again. Independent security analyst Randy Abrams told Ars that he was redirected to hxxp:centerbluray.info and was met with a Flash download when he went to equifax.com to contest a false info on his credit report.

The fake Flash installer apparently tricks people into downloading what Symantec identifies as Adware.Eorezo, an adware that inundates Internet Explorer with advertisements. Unfortunately, we can’t replicate the problem, but Abrams said he encountered the issue on three separate visits and captured one of them on video:

We reached out to Equifax to ask whether the company has already cleaned up the adware downloader. To be safe, though, don’t click on any random Flash installer that pops up when you visit the agency’s website in the near future.

Update: Equifax says its IT and security teams are looking into the issue, but while the investigation is in progress, the page has been taken offline. The company plans to share more information as it becomes available.

Update 2: An Equifax rep said the company’s website was not compromised, and the errant Flash downloader came from one of its vendors’ code.

“Despite early media reports, Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal.

The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content. Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.”

Source: Ars Technica
 

(30)

Pinned onto