News briefs February 2016
» After reporting in December that it had found malware on the computers operating the company's payment processing systems, Chicago-based Hyatt Hotels Corp. listed 250 hotels that could have exposed information stored on its payment cards, including cardholder names, payment card numbers and internal verification codes and expiration dates. Most cards were used at Hyatt restaurants.
»Tax preparation software company TaxAct found evidence that certain accounts were entered last year between Nov. 10 and Dec. 4. The attacker viewed and possibly copied or printed stored tax returns and thus had access to Social Security numbers, addressed, names, driver's license numbers and bank account information.
»Symantec reported the worldwide infection of 3,500 public servers with a malicious script that redirects victims to other compromised websites that could be used to download malware and which the company said could be part of a recon effort for future attacks.
»The hacking group Phantom Squad claimed responsibility for a distributed denial of service (DDoS) attack that brought down Sony's PlayStation Network offline worldwide for most of January 4. The group tweeted, “#psn #offline #off for some users. We are back for some action!”
»Cybersecurity solutions firm Fortinet has taken a proactive ‘sharing with the group' approach to dealing with confirmed vulnerabilities that have surfaced across its product line. The firewall and network security company has been open about the technical details of recent events, but perhaps less keen to label the exact nature of the dangers that may have been uncovered.
»Cisco released an advisory statement explaining that its chat client Jabbar is currently vulnerable to a man-in-the-middle attack. Found in the Windows client of Jabbar, the vulnerability could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack.
»Scammers are once again using fake emails from the Internal Revenue Service to launch attacks. The latest phishing campaign, discovered by researchers at Heimdal Security, claims to inform recipients of a refund notification from the IRS. The emails deliver a very different kind of payload: an attachment that activates Windows PowerShell to download Kovter and CoreBot.
» On BlackBerry's corporate blog, the mobile phone manufacturer said it did not have any details about the specific devices that the Dutch police said had been decrypted. “If such an information recovery did happen, access to this information from a BlackBerry device could be due to factors unrelated to how the BlackBerry device was designed, such as user consent, an insecure third-party application, or deficient security behavior of the user,” the company wrote.
»Hurley Medical Center in Flint, Mich., was hit by a cyberattack January 24, one day after the hacktivist group Anonymous threatened in a YouTube video to take action for the city's water crisis. A hospital spokeswoman said patient care was not compromised and said officials were closely monitoring all systems to ensure that IT security is consistently maintained.