IT Security Rewind: The Week of May 9


by Josh Arrington

Welcome back to our weekly “IT Security Rewind” blog series. If there is one thing that IT security professionals know all too well, it’s that there is no such thing as a “slow week.” So while we didn’t witness a series of spectacular breaches as seems to have been the norm over the past few weeks, one in particular is making us think twice before swiping our credit cards through a store’s PIN pad! Here are our top three security stories from the week of May 9:

A scrapbook that drains your bank account?: When news broke that debit and credit card numbers and PINs had been stolen through PIN-pad tampering at Michael’s, a national fabric retailer based in Irving, Texas, original reports indicated that the breach impacted only Chicago-area stores. But as is often the case, this week Michael’s reported that about 90 PIN pads at stores located throughout the US have allegedly been tampered with. The root cause of the attack is still under investigation—was it simple skimming through the use of an electronic device, or is it possible to implant malware on such a device through a network hack? We’ll certainly be watching for additional details on this story as they are uncovered.

  • More SCADA Security Flaws: It is never a good thing when “vulnerabilities” are included in the same sentence as “critical infrastructure.” According to ThreatPost, the “U.S.’s Computer Emergency Response Team (CERT) issued a warning to critical infrastructure firms on Wednesday about a serious security hole in products from Massachusetts firm Iconics that could leave critical systems vulnerable to remote attacks.” ThreatPost and other outlets reported that the vulnerability “can allow malicious code to run with the privileges of the current user.” Very much in the same vein as Stuxnet, we continue to see companies in the electricity, oil and gas, manufacturing and water treatment sectors emerging as the focus of targeted attacks.
  • Hacking a CMS? A Help Net Security report uncovered a new vulnerability in Exponent CMS that could enable hackers to “create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site.” Could privileged identity management technology play a role in mitigating this threat? Either way, here is another potentially damaging flaw that could “conduct cross-site request forgery attacks and disclose sensitive information.”

Check back here again soon for next week’s IT Security Rewind, and as always, let us know your take on the news.

Leave a Reply

Your email address will not be published. Required fields are marked *

You must be logged in to post a comment.