In this week's issue: the Syrian Electronic Army claims responsibility for the U.S. Army Hack, a strain of POS malware could target any POS system, Eataly NYC confirms data breach, Kaspersky Lab hacked And this week's Rippleshot content, we recap Of The 2015 Ponemon Institute Cost Of A Data Breach Study.
The US Army’s official website was the target of a cyber attack earlier this week, affecting everyday access. A message was placed on to the army’s official website, denouncing the US government’s training of rebel fighters in Syria. Shortly after the news broke, the Syrian Electronic Army claimed responsibility for the hack. Army officials confirmed that while the website had to be temporarily shut down, there was no confidential or personal information stored on site. This is not the first time that the pro-Syrian regime has claimed responsibility for cyber attacks targeted at organizations critiquing the Syrian regime.
Analysts at Trend Micro identified a new strain of malware that has the potential to target any point-of-sale(POS) system. Known as MalumPOS, this strain of malware targets data from POS systems running on Oracle MICROS. Currently, there are 330,000 customer sites around the world that use Oracle MICROS.
The majority of these sites are located in the United States, primarily in the food, beverage, hospitality and retail industries. According to the Trend Micro analysts, MalumPOS is a POS RAM scraper that searches for credit card data while avoiding detection by disguising itself as a “NVIDIA Display Drive.” For more information MalumPOS and its characteristics, check out Trend Micro’s technical brief.
The international food market Eataly confirmed that it was the victim of a data breach, compromising the payment data of its customers. In a statement issued by the company, it appears that only Eataly’s NYC location was affected by the data breach. Eataly states that the data breach took course over a four-month period between January and April of this year. Because Eataly does not store sensitive payment information on its systems, the retailer believes that the data theft took place in real time.
One of the leading antivirus and cybersecurity firms announced that it was the latest victim of a cyberattack, compromising the firm’s network systems. The cybersecurity firm stated that the attack was detected earlier this year and was described as “one of the most sophisticated campaigns ever seen.” Kaspersky Lab believes that while the attack was carried out successfully, the compromised files did not hamper any of the firm’s major products. During a press conference, Eugene Kaspersky could not provide a concrete explanation as to why this attack was carried out due to the nature of the security incident.
The latest edition of the Ponemon Institute Cost Of A Data Breach Study was released thanks to collaboration between the Ponemon Institute and IBM. Last week, the two organizations hosted a webinar covering the global and U.S. results led by David Puzas of IBM and Dr. Larry Ponemon of the Ponemon Institute. We highly recommend downloading the report for detailed insights into the true cost of a data breach and the underlying factors that coincide with a breach. In the meantime, we’ve recapped some of the key takeaways and findings in this week’s blog post.
SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.