Bitstamp, a bitcoin exchange, suffered a breach resulting in a loss of 18,977 bitcoins ($5.3 million). The attack was a sophisticated spear-phishing attack and included Skype and a Microsoft Word macro.
Trump Hotel Properties was the victim of a card data breach at multiple locations. It is likely that malware is to blame.
The FFIEC released a Cybersecurity Assessment Tool to help financial institutions assess and mitigate current and future cybersecurity risks.
A former hospital worker of Montefiore Medical Center stole patient data and sold the patient records. Stolen data was utilized to open up store credit card accounts.
LOT, a Polish airline, fell victim to an attack that affected ground-control systems. Flight plans could not be issued; therefore, flights were cancelled for 1,400 passengers.
Lisa Traina shares the top 5 cybersecurity risks for CPAs in the AICPA CPA Insider.
The FBI is currently investigating an attack on the Houston Astros. Allegations are that the St. Louis Cardinals franchise hacked into the Houston Astros databases and stole sensitive information.
ClearXchange is a bank-owned digital payments network that will be live by the end of 2015. The member financial institutions will be able to offer real-time payments to their customers. This technology will not be limited to member institutions.
The cloud-based password manager LastPass suffered a security breach. The CEO stated, “The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.”
OPM reports that 4.2 million current federal employees and 10 million former federal employees and contractors have been affected by the breach. Data includes extremely personal and sensitive information. This is the second breach for OPM in the past year.
Kaspersky Lab discovered a new advanced persistent threat, Duqu 2.0. Kaspersky was a victim of this new attack, which began by exploiting a zero-day Windows vulnerability.
Eataly experienced a POS breach at its New York location. The breach affected transactions occurring in the first quarter of 2015. Unlike other restaurant breaches, Eataly’s card data was intercepted in transit to the processor.
The U.S. Army’s website was defaced with propaganda from the Syrian Electronic Army. Attackers gained access to the website control panel, most likely via a phishing attack or brute force.
Cyber-insurer Columbia Casualty is suing its own client, Cottage Health, for reimbursement of payments. Columbia Casualty is now claiming that Cottage Health “failed to follow minimum required practices”.
A breach of the U.S. Office of Personnel Management systems may have exposed personally identifiable information of 4 million current and former government employees.
Heartland has reported a breach due to physical theft. Several systems were stolen and one of these systems may have stored “Social Security number and/or bank account information processed for [customers’] employer.” The previous data breach in 2008 involved a breach of card data.
Beacon Health System is a healthcare provider organization based out of South Bend, Indiana. Employees fell victim to phishing attacks and hackers were able to gain access to email accounts that contained patient information. This breach affected 220,000 patients.
A vulnerability has been discovered in the Linux kernel driver NetUSB, which is widely used in many routers. So far, 26 vendors have been identified as using this driver. If the vulnerability is exploited, attackers can cause a denial of service or achieve remote code execution.
New malware, Linux/Moose, is targeting Linux routers by gaining access to the router via brute-force attacks. So far Moose has only been used for fraudulent social networking actions, such as “like” and “follow”; however, attackers may begin to perform more sinister actions.
100,000 taxpayer accounts were breached via the IRS Get Transcript service. Taxpayers’ transcripts were accessed after hackers authenticated to the system using the service’s multi-step authentication process. Several pieces of personal information were utilized to successfully authenticate to the system. It is likely that the attackers acquired the personal data utilized in this breach from a previous data breach unrelated to the IRS.
1.1 million individuals were affected in the recent database breach of BlueCross Blue Shield. Details on the methods used by the attackers have not been released. Data included user names, names, birth dates, email addresses and subscriber identification numbers.
A 20-year-old flaw in TLS has been discovered. TLS protects data from eavesdropping during transmission over the Internet. This includes websites, mail servers and VPNs.
Anyone hosting a web server or mail server “should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group”. Make sure your vendors are aware and taking appropriate action. You can test your server here. Everyone should apply appropriate patches to their web browsers.
Attackers gained access to the DNS records for the St. Louis Federal Reserve Bank’s website and redirected users accessing research.stlouisfed.org. The fake site resembled the actual website to trick users into disclosing credentials and/or downloading malware. Details of the actual intent of the fake site have not been released.
40,000 small office/home office routers have been infected with botnet malware. The botnets are now used for DDoS attacks. The routers were infected using default administrative login credentials that were never changed.
Penn State University is the latest victim of cyberattacks. The cyberattacks have been going on for at least two years and have targeted the College of Engineering. Investigations are still underway, but they have concluded that usernames and passwords have been compromised. Research universities have become a target due to the sensitive information and intellectual property they hold.
A new zero-day vulnerability, Venom, has been identified today. The vulnerability exists in the open-source QEMU hypervisor. By exploiting it, attackers can break out of the affected virtual machine and gain access to the physical server and the other virtual machines. QEMU is utilized in some capacity in other more widely used virtualization products such as Xen, KVM (kernel-based virtual machine) and Oracle VM VirtualBox. Venom will be extremely detrimental for data centers.
Not affected: VMware, Microsoft Hyper-V, and Bochs hypervisors.
The technology of Apple Pay has not been exploited; however, weaknesses in setting up Apple Pay do exist. The first method, reported earlier this year, involved fraudsters setting up stolen credit cards on Apple Pay due to weak or non-existent customer authentication methods. Now fraudsters are continuing this practice; however, this time they are using out-of-band authentication methods, such as verification by phone. The fraudsters are porting phone numbers, most commonly customers’ landlines.
MasterCard and Target have reached an agreement that Target will reimburse MasterCard $19 million. Banking institutions attempted to block this settlement; however, that motion has been denied. May 20th is the deadline for card issuers to agree to the payout.
A class action lawsuit against eBay has been dismissed due to lack of evidence proving “economic damages” and “actual identity theft”. The breach included eBay users’ encrypted passwords, names, email addresses, mailing addresses, phone numbers and dates of birth.
Sally Beauty Supply is currently investigating a new data breach. Could this be the same malware that caused the first data breach in 2014 or is this a new incident?