Equifax insists web portal has not been compromised

Equifax has taken down a customer support page on its websites amidst concerns that a second compromise has taken place, but insists this is not the case.
A website page affected by a third-party vendor has been removed out of “an abundance of caution,” but according to the credit rating agency, the Equifax website is still operational and has not been the subject of a second cyberattack.
More security news
企业安全歌,唱红中国,唱响全球
Republican polling firm’s database was hacked, exposing donor records
各部门要进一步充分认识信息安全保障工作的重要性和紧迫性,坚持一手抓信息化发展、一手抓信息安全保障,明确主管领导,落实部门责任,各尽其职,常抓不懈。
This Netflix-flavoured phishing attack targets your business emails
SEC spoofed, malware hosted on US gov’t server in new DNS attack
Judge smashes boundless warrant for identities of anti-Trump website users
Equifax is still dealing with the aftermath of a vast data breach, which led to the theft of personal, sensitive information belonging to roughly 145.5 million US citizens, as well as at least 693,000 UK residents and Canadian individuals.
Earlier this week, Ars Technica reported that security researcher Randy Abrams visited the website on Wednesday to check his credit report, only to find, on multiple visits, fake Flash download requests which installed the crapware Adware.Eorezo.
In a video posted to YouTube, the researcher documents malvertising attempting to lure users to download the MediaDownloaderIron.exe payload, a highly obfuscated adware bundle.
It appears that on analysis, the malicious download was potentially the result of a third-party advertising network which allowed malicious ads to slip through the net — which means that the payload was not truly hosted on the Equifax domain, but wormed its way in through an external partner.
“We are aware of the situation identified on the equifax.com website in the credit report assistance link. Our IT and Security teams are looking into this matter, and out of an abundance of caution have temporarily taken this page offline,” Equifax told the publication. “When it becomes available or we have more information to share, we will.”
See also: Equifax ex-chief admits responsibility ‘starts at the top’ for devastating data breach | Equifax says 693,000 UK residents affected by hack | Equifax: An additional 2.5M Americans affected by breach | Equifax exposes credit services’ woeful IT, processes, security
The credit rating agency later told the BBC that the company was able to “confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal.”
Malvertising is a constant problem for ad networks and the web domains which rely on them to generate revenue to keep websites operational.
On occasion, threat actors will be able to bid for and secure an advertising spot on a legitimate domain, but will embed malicious links or code in the advert — and together with the trust issued by the legitimate domain, visitors may be more likely to believe the ad is trustworthy and therefore click through or download malicious software.

If malvertising is at fault, there is little that Equifax could have done, and it was up to the ad network to vet their customers. As a result, the website is simply added to the list of legitimate victims of this practice, which also includes the Daily Mail, Yatra, and the Huffington Post.
Earlier this month, former Equifax CEO Richard Smith, who resigned following the security debacle, admitted that responsibility “starts at the top” for the situation and that he was ultimately at fault for a data breach which should “not have happened on his watch.”
10 things you didn’t know about the Dark…
SEE FULL GALLERY
1 – 5 of 10
NEXT
PREV
Previous and related coverageResearchers find 450,000 financial scams operating on social media SEC spoofed, malware hosted on US gov’t server in new DNS attack Judge smashes boundless warrant for identities of anti-Trump website users
安全演习,跨国合作,应急响应,组织也仔细应该学习领会相关精神,并应用到紧急事件响应计划、业务持续性和灾难恢复计划的实际工作之中!

猜您喜欢

公司应该加强对员工进行软件版权及许可证教育
软件模拟安装操作培训互动设计服务
网络安全法视频宣传片 第二集 国家网络安全的现状与重要性概述
人民日报:中国出境游新气象 倒逼国外商家改收款习惯
NOVINLEATHER SHELLHOUSEFUNERALHOME
企业安全意识之歌