Landry’s Restaurant Chain Suffers Payment Card Theft Via PoS Malware


Landry’s, a popular restaurant chain in the United States, has announced a malware attack on its point of sale (POS) systems that allowed cybercriminals to steal customers’ payment card information.

Landry’s owns and operates more than 600 bars, restaurants, hotels, casinos, and food and beverage outlets under over 60 brands, including Landry’s Seafood, Chart House, Saltgrass Steak House, Claim Jumper, Morton’s The Steakhouse, Mastro’s Restaurants, and Rainforest Cafe.

According to the breach notification published this week, the malware was designed to search for and likely steal sensitive customer credit card data, including credit card numbers, expiration dates, verification codes and, in some cases, cardholder names.

images from Hacker News

The Ultimate Guide to Ethical Hacking | What You Need to Know in 2020


Hacking has a negative reputation, but some hackers are making the internet a better, safer place. Whether they use their powers for good or evil, hackers have some serious skills.

But can hacking really be a good thing? What is ethical hacking and how is it different from other kinds of hacking? Who are ethical hackers and how do you get started as one? And why would a company willingly say yes to being hacked?

images from VPN Mentor

14 Ways to Evade Botnet Malware Attacks On Your Computers


Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score.

Every manner of sensitive information, such as confidential employee records, customers’ financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity.

Solutions span a broad spectrum, from training email users to ensuring a VPN kill switch is in place, to adding extensive advanced layers of network protection.

To guard against threats ranging from opportunistic hackers and worms to sophisticated malware such as botnets, network managers need to use every tool and method that fits into a comprehensive cyber defense strategy.

Of all the menaces mentioned above, botnets arguably present the most unsettling security risk to a website owner. They are not the work of amateur cybercriminals.

They are state-of-the-dark-art cyber-crafts. What is most rattling about them is their stealth: their ability to lurk invisibly while probing for vulnerabilities to exploit.

How Do Botnets Work?

A botnet is a network of compromised computers that a remote operator, the “botmaster,” controls through command-and-control infrastructure. Building one is not a simple hacking weapon to wield: the malware that enrolls each machine is designed to stay quiet, keeping the system working normally so the user notices nothing, while it steals data and funnels it out of the victim network to the waiting botmaster, evading detection throughout the process.

What Can You Do to Stop Botnets?

The front line of cyber defense has to be manned by people: real people working at their computers, doing their everyday tasks in the office.

The best defense against ever-evolving threats is to educate the users who are the perpetrators’ prime targets. These particular front lines span the spectrum of web interactions, from email to social media.

It is recommended to implement a strategy that incorporates as many of the following approaches, from basics to more sophisticated solutions, as is practicable for your organization:

images from Hacker News

Drupal Warns Web Admins to Update CMS Sites to Patch a Critical Flaw


If you have not recently updated your Drupal-based blog or business website to the latest available versions, now is the time.

The Drupal development team yesterday released important security updates for its widely used open-source content management software, addressing one critical and three “moderately critical” vulnerabilities in its core system.

Since Drupal-powered websites are among hackers’ all-time favorite targets, website administrators are strongly advised to install the latest release (Drupal 7.69, 8.7.11, or 8.8.1) to prevent remote attackers from compromising their web servers.

Critical Symlinks Vulnerability in Drupal

The only advisory rated critical covers multiple vulnerabilities in a third-party library, ‘Archive_Tar,’ which Drupal Core uses to create, list, extract, and add files to tar archives.

The vulnerability lies in how the library extracts archives that contain symlinks: an attacker who can upload a maliciously crafted tar file could overwrite sensitive files on the targeted server.

Note that the flaw therefore only affects Drupal sites configured to process .tar, .tar.gz, .bz2, or .tlz files uploaded by untrusted users.

According to the Drupal developers, a proof-of-concept exploit for this vulnerability already exists, and given the popularity of Drupal exploits among attackers, in-the-wild exploitation against Drupal sites should be expected.
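The symlink problem described above is general to any tar extractor: an archive can contain a symlink pointing outside the extraction directory and then a regular file whose path runs through that link, so the extractor writes the file wherever the link points. The following Python is an added example, not Drupal’s or Archive_Tar’s code, showing the check a server-side upload handler should perform before extracting. The extraction root /var/www/uploads, the archive contents and the sample entries are all constructed for the example; the check also follows symlink chains (a -> b -> ../../x) and covers hardlinks and plain ../ traversal, which the advisory text does not spell out.

```python
import io
import posixpath
import tarfile

# Assumed extraction root (hypothetical path, not from the advisory).
DEST = "/var/www/uploads"


def _inside(root, path):
    """True if an absolute, normalized path is at or below root."""
    return path == root or path.startswith(root + "/")


def _resolve(path, links, limit=40):
    """Rewrite path through archive-defined symlinks until none apply.

    links maps absolute symlink path -> absolute (unresolved) target.
    Chains (a -> b -> ../../x) are followed; a loop returns "" so the
    caller's _inside() check fails and the member is flagged.
    """
    for _ in range(limit):
        for link, target in links.items():
            if path == link:
                path = target
                break
            if path.startswith(link + "/"):
                path = posixpath.normpath(target + path[len(link):])
                break
        else:
            return path
    return ""


def find_unsafe_members(tar_bytes, dest=DEST):
    """Return names of members that would land outside dest on extraction.

    Flags: '..' or absolute member names, symlinks/hardlinks whose target
    resolves outside dest, and files written *through* such a symlink.
    """
    dest = posixpath.normpath(dest)
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tf:
        members = tf.getmembers()

    # Pass 1: absolute path of every member, plus the symlink table.
    paths = {}
    links = {}
    for m in members:
        p = posixpath.normpath(posixpath.join(dest, m.name))
        paths[m.name] = p
        if m.issym():
            raw = m.linkname
            if not posixpath.isabs(raw):  # relative to the link's own directory
                raw = posixpath.join(posixpath.dirname(p), raw)
            links[p] = posixpath.normpath(raw)

    # Pass 2: every member's real destination must stay inside dest.
    unsafe = []
    for m in members:
        if m.islnk():  # hardlink targets are relative to the archive root
            hard = posixpath.normpath(posixpath.join(dest, m.linkname))
            if not _inside(dest, _resolve(hard, links)):
                unsafe.append(m.name)
                continue
        if not _inside(dest, _resolve(paths[m.name], links)):
            unsafe.append(m.name)
    return unsafe


def build_tar(entries):
    """Build a tar archive in memory; entries are (name, kind, payload) with
    kind in {"file", "sym", "lnk"} and payload the file data or link target."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, kind, payload in entries:
            ti = tarfile.TarInfo(name)
            if kind == "file":
                data = payload.encode()
                ti.size = len(data)
                tf.addfile(ti, io.BytesIO(data))
            else:
                ti.type = tarfile.SYMTYPE if kind == "sym" else tarfile.LNKTYPE
                ti.linkname = payload
                tf.addfile(ti)
    return buf.getvalue()


# Constructed sample archive: benign entries next to the attack patterns.
MALICIOUS_TAR = build_tar([
    ("README", "file", "benign\n"),
    ("docs/latest", "sym", "v2"),                           # stays inside dest
    ("img/cfg", "sym", "../../../../../etc"),               # points outside dest
    ("img/cfg/passwd", "file", "root::0:0::/:/bin/sh\n"),   # written through it
    ("a", "sym", "b"),                                      # chain a -> b -> outside
    ("b", "sym", "../../secret"),
    ("a/x.txt", "file", "x"),
    ("hl", "lnk", "../../../etc/shadow"),                   # hardlink escaping dest
    ("../outside.txt", "file", "x"),                        # plain path traversal
])

if __name__ == "__main__":
    for name in find_unsafe_members(MALICIOUS_TAR):
        print("REJECT", name)
```

Run on the sample archive, this rejects every entry except README and docs/latest. The check only inspects archive metadata, so it should run before any byte is written; Python 3.12 and later ships a comparable policy as `tarfile.data_filter` (`extractall(path, filter="data")`), and the same rules apply to any language’s tar library, including the PHP one the advisory concerns.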

Moderately Critical Drupal Vulnerabilities

Besides the critical vulnerability, the Drupal developers also patched three “moderately critical” vulnerabilities in Core, summarized below:

  • Denial of Service (DoS): The install.php file in Drupal 8 Core contains a flaw that a remote, unauthenticated attacker can exploit to impair the availability of a targeted website by corrupting its cached data.
  • Security Restriction Bypass: The file upload function in Drupal 8 does not strip leading and trailing dots (‘.’) from filenames, which an attacker with file upload ability can use to overwrite system files such as .htaccess and bypass security protections.
  • Unauthorized Access: Drupal’s default Media Library module does not correctly restrict access to media items in certain configurations, so a low-privileged user could gain access to sensitive information that is otherwise out of their reach.
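The second bullet is a filename-normalization bug: an upload handler that keeps the basename and replaces odd characters but leaves leading and trailing dots alone lets a user create a dotfile such as .htaccess in the upload directory. The following Python is an added example, not Drupal’s code, placing that weak normalization beside a hardened version; the allowed-extension list and the set of dangerous segments are an assumed site policy, and the example goes slightly beyond the bullet by also rejecting multi-extension names like shell.php.png.

```python
import posixpath
import re

# Assumed site policy (hypothetical): extensions an upload may carry.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf", "txt"}
# Segments that must not appear after the first dot, so that a name like
# "shell.php.png" cannot be handled as PHP by a multi-extension-aware server.
DANGEROUS_SEGMENTS = {"php", "phtml", "phar", "cgi", "pl", "sh", "htaccess"}

_UNSAFE_CHARS = re.compile(r"[^A-Za-z0-9._-]")


def naive_name(filename):
    """Normalization with the gap the advisory describes: it drops any
    directory part and replaces odd characters, but leaves leading and
    trailing dots alone, so ".htaccess" survives intact."""
    base = posixpath.basename(filename.replace("\\", "/"))
    return _UNSAFE_CHARS.sub("_", base)


def safe_upload_name(filename):
    """Return a safe basename for an uploaded file, or None to reject it."""
    base = posixpath.basename(filename.replace("\\", "/"))
    base = _UNSAFE_CHARS.sub("_", base)
    base = re.sub(r"\.{2,}", ".", base)   # collapse runs of dots
    base = base.strip("._")               # no leading/trailing dots or underscores
    if not base:
        return None
    segments = base.split(".")
    if len(segments) < 2 or not segments[0]:
        return None                       # dotfile, or no extension at all
    if segments[-1].lower() not in ALLOWED_EXTENSIONS:
        return None
    if any(s.lower() in DANGEROUS_SEGMENTS for s in segments[1:]):
        return None
    return base


if __name__ == "__main__":
    # Constructed sample filenames as a browser or attacker might submit them.
    for name in [".htaccess", "../../.htaccess", "report.pdf.", "..evil.php.",
                 "shell.php.png", "My Photo (1).JPG", "C:\\Users\\x\\pic.png"]:
        print(repr(name), "naive:", repr(naive_name(name)),
              "safe:", repr(safe_upload_name(name)))
```

Stripping the dots is only part of the fix: a name that is nothing but an extension (htaccess after stripping) still has to be refused, and the extension allow-list does the real work.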

According to the developers, affected site administrators can mitigate the Media Library access bypass by unchecking the “Enable advanced UI” checkbox at /admin/config/media/media-library, though this mitigation is not available in 8.7.x.

images from Hacker News

British Hacker Accused of Blackmailing healthcare Firms Extradited to U.S.


A British man suspected to be a member of ‘The Dark Overlord,’ an infamous international hacking group, has finally been extradited to the United States after being held for over two years in the United Kingdom.

Nathan Francis Wyatt, 39, appeared in federal court in St. Louis, Missouri, on Wednesday to face charges related to his role in hacking healthcare and accounting companies in the U.S. and then threatening to publish stolen information unless victims paid a ransom in Bitcoin.

According to an indictment unsealed yesterday, Wyatt faces one count of conspiracy, two counts of aggravated identity theft, and three counts of threatening to damage a protected computer.

Wyatt has not yet pleaded guilty to any of the charges in U.S. federal court, where he appeared after fighting extradition from Britain for 11 months.

Cyber Attacks by The Dark Overlord Group

British police first arrested Wyatt in September 2016 during an investigation into the hacking of an iCloud account belonging to Pippa Middleton, the younger sister of the Duchess of Cambridge, and the theft of 3,000 of her images.

Though he was released without charge in that case for lack of evidence, Wyatt was arrested again in September 2017 over the hacking of companies, credit card fraud, and blackmail schemes.

The indictment does not name the companies allegedly attacked by The Dark Overlord between February 2016 and June 2017, but it says the victims include multiple healthcare providers and accounting firms in Missouri, Illinois, and Georgia.

The Dark Overlord is the same crew that has previously been linked to a number of attacks, including the leak of 10 unreleased episodes of the fifth season of Netflix’s ‘Orange Is The New Black’ and the hacking of Gorilla Glue and the Little Red Door cancer service agency, among others.

The Dark Overlord Threatened Victims and their Relatives

According to a press release from the Justice Department, Wyatt created and operated the email and phone accounts used to threaten the compromised organizations and extort money from them; when victims refused to pay, Wyatt harassed and threatened their relatives.

images from Hacker News