Network Security News | Ingalls Information Security

Articles of interest from the week of May 27, 2019

Written by John Frasier | May 27, 2019 4:00:00 AM

In a first, Moody’s downgrades Equifax’s rating outlook due to cyberattack

Moody's has downgraded its rating outlook for Equifax from stable to negative due to losses the company sustained as a result of the massive data security breach in 2017. The revised outlook came in response to Equifax's SEC filing earlier this month. This is the first time a credit-rating agency has downgraded an organization's outlook because of the financial repercussions of a cyberattack. (By Bradley Barth, SC Corporate News)

NSA's EternalBlue is Being Used in Ransomware Attacks

The ransomware attack that has crippled the city of Baltimore's computer systems was fueled in part by a hacking tool developed by the National Security Agency (NSA). Dubbed EternalBlue by the NSA, the tool was stolen and leaked by a group known as Shadow Brokers in 2017. EternalBlue appears to have played a part in attacks against other cities' IT systems, as well as systems at hospitals, airports, and other industries. Former NSA employees speaking anonymously said that prior to its theft, the agency considered EternalBlue such a useful tool that it did not consider telling Microsoft about the flaws it exploited until EternalBlue was leaked online. (By Edward Moyer, CNET)

First American Mortgage Data Leak

First America Mortgage Corp., a real estate title insurance company, has acknowledged that 885 million files were inadvertently exposed due to a flaw in the company's document transfer system. The affected documents date as far back as 2003. The documents contain bank account numbers, tax and mortgage records, and other sensitive information. (By Brian Krebs, Krebs on Security)

Should Failing Phish Tests Be a Fireable Offense?

Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? (By Brian Krebs, Krebs on Security)

Under GDPR, UK Data Breach Reports Quadruple

United Kingdom has seen the number of data breach notifications more than quadruple since Europe's tough new privacy law went into full force. (By Mathew J. Schwartz, BankInfoSecurity)


FI CISOs to ask for bigger cybersecurity budgets

Nearly three quarters of chief information and security officers at financial institutions plan to ask their firms for an increase in cybersecurity investments in the next year, according to a survey. (By Finextra