Files released by the mysterious hacker Shadow Brokers suggested Friday the US National Security Agency had penetrated the SWIFT banking network and monitored a number of Middle East banks.
Cerber, one of the most active malware families over the past year, has increased its share of the ransomware market to 87% in the first quarter of 2017, Malwarebytes Labs reports.
Facebook on Friday said it disrupted an international fake account operation that was firing off inauthentic “likes” and bogus comments to win friends it would then pound with spam.
Facebook’s security team spent six months fighting to neutralize what they saw as a coordinated campaign, according to Shabnam Shaik, a company security manager.
It’s Friday, which means it’s time for another episode of “Which Restaurant Chain Got Hacked?” Multiple sources in the financial industry say they’ve traced a pattern of fraud on customer cards indicating that the latest victim may be Shoney’s, a 70-year-old restaurant chain that operates primarily in the southern United States.
Shoney’s did not respond to multiple requests for comment left with the company and its outside public relations firm over the past two weeks.
Based in Nashville, Tenn., the privately-held restaurant chain includes approximately 150 company-owned and franchised locations in 17 states from Maryland to Florida in the east, and from Missouri to Texas in the west — with the northernmost location being in Ohio, according to the company’s Wikipedia page.
Sources in the financial industry say they’ve received confidential alerts from the credit card associations about suspected breaches at dozens of those locations, although it remains unclear whether the problem is limited to those locations or if it extends company-wide. Those same sources say the affected locations were thought to have been breached between December 2016 and early March 2017.
It’s also unclear whether the apparent breach affects corporate-owned or franchised stores — or both. In last year’s card breach involving hundreds of Wendy’s restaurants, only franchised locations were thought to have been impacted. In the case of the intrusion at Arby’s, on the other hand, only corporate stores were affected.
The vast majority of the breaches involving restaurant and hospitality chains over the past few years have been tied to point-of-sale devices that were remotely hacked and seeded with card-stealing malicious software.
Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register. Thieves can then sell the data to crooks who specialize in encoding the stolen data onto any card with a magnetic stripe, and using the cards to buy gift cards and high-priced goods from big-box stores like Target and Best Buy.
Many retailers are now moving to install card readers that can handle transactions from more secure chip-based credit and debit cards, which are far more expensive for thieves to clone. Malware that makes it onto point-of-sale devices capable of processing chip card transactions can still intercept data from a customer’s chip-enabled card, but that information cannot later be used to create a cloned physical copy of the card.
Update, April 16, 2017, 10:05 p.m. ET: After this story was published, an Atlanta-based company called Best American Hospitality Corp. published a press release claiming responsibility for a card breach impacting dozens of Shoney’s locations. Here’s the company’s notice about this incident, which lists the locations thought to have been compromised so far.
Source: KREBS ON SECURITY
Adobe and Microsoft separately issued updates on Tuesday to fix a slew of security flaws in their products. Adobe patched dozens of holes in its Flash Player, Acrobat and Reader products. Microsoft pushed fixes to address dozens of vulnerabilities in Windows and related software.
The biggest change this month for Windows users and specifically for people responsible for maintaining lots of Windows machines is that Microsoft has replaced individual security bulletins for patches with a single “Security Update Guide.”
This change follows closely on the heels of a move by Microsoft to bar home users from selectively downloading specific updates and instead issuing all monthly updates as one big patch blob.
Microsoft’s claims that customers have been clamoring for this consolidated guide notwithstanding, many users are likely to be put off by the new format, which seems to require a great deal more clicking and searching than under the previous rubric. In any case, Microsoft has released a FAQ explaining what’s changed and what folks can expect under the new arrangement.
By my count, Microsoft’s patches this week address some 46 security vulnerabilities, including flaws in Internet Explorer, Microsoft Edge, Windows, Office, Visual Studio for Mac, .NET Framework, Silverlight and Adobe Flash Player.
At least two of the critical bugs fixed by Microsoft this month are already being exploited in active attacks, including a weakness in Microsoft Word that is showing up in attacks designed to spread the Dridex banking trojan.
Finally, a heads up for any Microsoft users still running Windows Vista: This month is slated to be the last that Vista will receive security updates. Vista was first released to consumers more than ten years ago — in January 2007 — so if you’re still using Vista it might be time to give a more modern OS a try (doesn’t have to be Windows…just saying).
As it is wont to do on Microsoft’s Patch Tuesday, Adobe pushed its own batch of security patches. The usual “critical” update for Flash Player fixes at least seven flaws. The newest version is v. 220.127.116.11 for Windows, Mac and Linux systems.
As loyal readers here no doubt already know, I dislike Flash because it’s full of security holes, is a favorite target of drive-by malware exploits, and isn’t really necessary to be left installed or turned on all the time anymore.
Hence, if you have Flash installed, you should update, hobble or remove Flash as soon as possible. To see which version of Flash your browser may have installed, check out this page.
The smartest option is probably to ditch the program once and for all and significantly increase the security of your system in the process. An extremely powerful and buggy program that binds itself to the browser, Flash is a favorite target of attackers and malware. For some ideas about how to hobble or do without Flash (as well as slightly less radical solutions) check out A Month Without Adobe Flash Player.
If you choose to keep Flash, please update it today. The most recent versions of Flash should be available from the Flash home page. Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).
Chrome and IE should auto-install the latest Flash version on browser restart (users may need to manually check for updates in and/or restart the browser to get the latest Flash version). Chrome users may need to restart the browser to install or automatically download the latest version. When in doubt, click the vertical three dot icon to the right of the URL bar, select “Help,” then “About Chrome”: If there is an update available, Chrome should install it then.
Adobe also issued security fixes for its Photoshop, Adobe Reader and Acrobat software packages. The Reader/Acrobat updates address a whopping 47 security holes in these products, so if you’ve got either program installed please take a moment to update.
As ever, please leave a note in the comment section if you run into any difficulties downloading or installing any of these patches.
Source: KREBS ON SECURITY