Polyverse Weekly Breach Report

A snapshot look at the breaches and reported vulnerabilities of last week

Panerabread.com

The website for Panera Bread Company leaked millions of customer records for at least 8 months. A security researcher initially notified Panera about the leak in August of 2017 before the story broke in April of 2018. To read more: https://krebsonsecurity.com/2018/04/panerabread-com-leaks-millions-of-customer-records/

Microsoft

Days after Microsoft released its third attempt at a Meltdown fix, system admins say many of their Windows 7 and Server 2008 R2 boxes are still not patched. To read more: https://www.theregister.co.uk/2018/04/03/microsoft_windows_meltdown_patch_saga/

Facebook

Facebook has said that information belonging to up to 87 million users was improperly shared with Cambridge Analytica. This figure is almost double what was initially reported. To read more: https://www.zdnet.com/article/facebook-confirms-cambridge-analytica-took-more-data-than-first-thought/

Intel

A handful of CPU families affected by Spectre and Meltdown will not be patched. To read more: https://www.zdnet.com/article/intel-we-now-wont-ever-patch-spectre-variant-2-flaw-in-these-chips/

SCADA Systems

Experts are stressing the importance of securing SCADA environments after a cyberattack shut down numerous pipeline communication networks this week. Various pipelines reported data system blackouts after a third-party communication system was attacked. To read more: https://threatpost.com/insecure-scada-systems-blamed-in-rash-of-pipeline-data-network-attacks/130952/

Sensitive files

Security researchers have found 1.5 billion business and consumer files exposed on the internet. A threat intel firm detected 1,550,447,111 publicly available files across open S3 buckets, rsync, Server Message Block, FTP servers, misconfigured websites and NAS drives. To read more: https://www.theregister.co.uk/2018/04/05/billions_files_exposed_aws_ftp_wide_open/

Delta, Sears breaches

A cyberattack hit software provider [24]7.ai. Security researchers are now pinning the exposed credit card information from Delta Airlines and Sears customers on this data breach. To read more: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Verge Cryptocurrency

The value of the Verge cryptocurrency dropped 25 percent after hackers exploited a bug and forced the developers to hit the reset button and hard-fork the currency. The bugs allowed the hackers to mine blocks with bad timestamps, ultimately messing up the blockchain. To read more: https://www.theregister.co.uk/2018/04/06/verge_cryptocoin_gets_hacked_devs_go_fork_themselves/

Best Buy

Best Buy issued a public statement explaining that customers’ personal information may have been exposed in the same breach that impacted Sears, Kmart and Delta. To read more: https://techcrunch.com/2018/04/06/best-buy-customer-info-may-have-been-exposed-in-data-breach/

Reported Vulnerabilities

Intel remote keyboard

Intel is telling users to delete the popular Android and iOS app called Intel Remote Keyboard after researchers discovered an attack that can inject keystrokes while the keyboard is in use. The vulnerability received a score of 9.0 out of 10. To read more: https://threatpost.com/intel-tells-remote-keyboard-users-to-delete-app-after-critical-bug-found/130974/

Natus Xltek EEG

The Natus Xltek EEG medical products were found susceptible to “a specially crafted network packet that can cause a stack buffer overflow resulting in code execution”. To read more: https://www.theregister.co.uk/2018/04/05/netus_eeg_vulnerabilities/

Rarog Trojan

A malware family called Rarog is low-priced, easily configurable and supports multiple cryptocurrencies, which makes it appealing to hackers. So far, the Trojan has been used primarily to mine the Monero cryptocurrency. To read more: https://threatpost.com/rarog-trojan-easy-entry-for-new-cryptomining-crooks-report-warns/130995/
