Equifax Was Warned of Vulnerability Months Before Breach, and More Security News This Week

This week, some old security threats came back to haunt the internet, a fitting horror trope this close to Halloween.

Remember the Mirai botnet that took out the internet for a big chunk of the East Coast and beyond last year? It’s back, sort of. More specifically, a new botnet called Reaper is steadily growing, based on Mirai but with an added trick. It doesn’t just seek out IoT devices with poor password protections; it can actively take advantage of known vulnerabilities. With over a million networks already infected, it could eventually unleash a substantive DDoS attack. Think of it like a powder keg that gets a little bigger every day. Neat!

In that same vein, a new ransomware based on NotPetya, called BadRabbit, has struck the Ukraine. Curiously, though, it’s had an even bigger impact on Russian, whom security analysts largely believe was behind NotPetya in the first place.

We also took a look at the government ban of Kaspersky Lab, or more specifically the silence over what evidence it has that the Russian antivirus company poses a danger. A bug in a popular maritime platform—since fixed—underscores just how ill-prepared infrastructure at sea is for an age in which everything connects to the internet. And Apple’s Core ML machine learning engine will be a boon for developers, but has some security experts spooked about how easy it makes it to sift through your sensitive photos and such.

Finally, we took a long look at piracy’s shift from torrenting to Kodi boxes, and how the lawsuits have followed in kind.

Continue reading…

Source: Wired