
Blog Archives

Most Chipotle restaurants hacked with credit card stealing malware

The company first acknowledged the breach on April 25. But a blog post on Friday revealed the kind of malware used in the attack and the restaurants that were affected.

The list of attacked locations is extensive and includes many major U.S. cities. When CNNMoney asked the company Sunday about the scale of the attack, spokesman Chris Arnold said that “most, but not all restaurants may have been involved.”

Chipotle (CMG) said in its blog post that it worked with law enforcement officials and cybersecurity firms on an investigation.

The breaches happened between March 24 and April 18. The malware worked by infecting cash registers and capturing information stored on the magnetic strip on credit cards, called “track data.” Chipotle said track data sometimes includes the cardholder’s name, card number, expiration date and internal verification code.

The company said there is “no indication” that other personal information was stolen.

“During the investigation we removed the malware, and we continue to work with cyber security firms to evaluate ways to enhance our security measures,” the blog post reads.

A list of the restaurants and times they were affected can be found on Chipotle’s website.

The company recommended that customers scan their credit card statements for potentially fraudulent purchases. It also said victims should contact the Federal Trade Commission, the attorney general in their home states or their local police department.


Sony hackers dump more chunks of stolen data, promise another ‘Christmas gift’

The Guardians of Peace, the hackers who plundered Sony Pictures’ servers, have leaked more data swiped from the movie studio – and threatened a bigger document dump in the run up to Christmas in a set of sinister messages.

It comes amid claims the Sony subsidiary’s bosses knew its systems had been hacked, and sensitive information leaked, in late 2013.

 “We are preparing for you a Christmas gift,” said the first message, which was briefly posted on Pastebin and Friendpaste on Saturday, stating: “The gift will be larger quantities of data. And it will be more interesting. The gift will surely give you much more pleasure and put Sony Pictures into the worst state.”

The message included torrent links to a new 6.45GB archive of uncompressed data titled “My Life At The Company – Part 2,” according to an analysis by consultancy Risk Based Security. The archive contains 6,560 files in 917 folders.

The message also included five anonymous email addresses for people to send in requests for what data should be released next.

The postings were taken down quickly “for legal reasons,” as Friendpaste put it. Given Sony’s legal barrage against the media, threatening dire financial penalties if any more of the leaked data is reported, both sites presumably thought it prudent to pull the plug.

The State of IT Security


Microsoft’s Tough Friday: Software giant battles hackers, malware, and a cloud outage

While workers at many companies were ending their work week Friday, Microsoft techs were scrambling to put out operational fires.

Late on Friday afternoon, Microsoft discovered that its worldwide Azure cloud service had gone offline when an expired security certificate prevented users from accessing the network.

Meanwhile, the company also discovered that a malware infection already discovered on internal computers at Facebook, Apple, and Twitter had crept into its in-house systems, too.

Azure fails

All encrypted traffic on Azure was disrupted when an SSL certificate expired, Microsoft explained at a company website. Unencrypted traffic was unaffected by the certificate snafu, the company added.

Service was almost totally restored by Saturday morning.

While the outage caused lots of grumbling on Microsoft’s online forums, contributor Brian Reischl accepted the mishap with a wry sense of humor.

“Might want to fix that, ASAP,” he wrote after a “certificate expired” message appeared on his computer screen. “It also wouldn’t hurt to put a sticky note on someone’s monitor so they remember to update that before it expires next time.”

Outages aren’t new to Azure users. A year ago, the system went down. A certificate was the root cause of that outage, too. In addition, Western European users lost service due to a configuration issue in July 2012.

Commercial enterprises are putting our critical infrastructure at risk

Cybercriminals have already figured out how to hack into enterprise infrastructure, and the critical infrastructure that controls our nation’s supply of water, gas, oil and electricity just might be next.

With so many connections and shared vulnerabilities between the two infrastructures, the inevitability of this is unsettling. If the critical infrastructure is successfully penetrated, electrical grids could be shut down, water supplies could be turned off, telecommunications channels could be severed, and transportation systems could come to a halt. Take the electrical grid offline and massive numbers of power-reliant entities could grind to a halt, including everything from banks to hospitals.

 

Each day brings media attention to yet another breach, but it seems we are unable to make headway on the security front. It’s certainly not from a lack of resources; we have plenty of technology, standards, and regulations to draw upon.

It seems to boil down to the fact that we continue to do stupid things. We still write insecure code. We still don’t patch our systems. We still don’t control user rights properly. We still use the same usernames and passwords across multiple accounts throughout both our personal and business worlds. And, you guessed it — these passwords we use aren’t even managed well. It’s no wonder corporations continue to get hacked.

But what we should be most concerned about is that our two infrastructures — the private/commercial/enterprise infrastructure and the critical/industrial/utility infrastructure — are interconnected in many ways, and security weaknesses within either therefore put both at risk.
