What do Best Buy and the US government have in common? - This week in cybersecurity
Late last night, Equifax confirmed that a web server vulnerability in Apache Struts that it failed to patch months ago was the cause of a data breach that affected over 143 million consumers, ZDNet reports. Read more.
Best Buy announced that they will no longer be selling internet security software from Kaspersky due to concerns with the company’s involvement with the Russian government reports the Star Tribune. Read more.
Security researchers from Armis have identified a new mobile attack that affects almost any Android, Linux or Window device that hasn’t been patched and has Bluetooth turned on. These flaws are dangerous because they can be fully automated and don’t require any user interaction. Read more.
The English Football Association (FA) will increase cybersecurity for the 2018 World Cup in Russia after hacking attacks by a group suspected of links to a Russian spy agency reports Reuters. Read more.
In response to past enterprise cyber threats, China announced today that it will create a national data repository for details on cyber attacks and require internet companies, telecom firms and domain name providers to report threats to the repository. Read more.
Security researchers have identified over 50 different applications in the Google Play market that were charging users for applications without their knowledge or consent. Ars Technica reported that as many as 4.2 million applications were downloaded. Google quickly removed the applications after they were reported by researchers. Read more.
Yesterday, the Trump administration announced the ban of Kaspersky products from U.S. government agencies after expressing concern about the company’s involvement with Kremlin, reports Reuters. Read more.