Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
Bash “Shellshock” Bug Rivals Heartbleed in Cyber Threat Severity (PhishLabs)
The recently discovered bug, Shellshock, also known as the “bash bug” was made public on September 24, 2014, causing widespread anxiety as bug patches failed to remediate all vulnerabilities. Essentially, the vulnerability allows for remote execution of arbitrary commands on web servers and computers with no authentication required.
Signature Systems Blamed in Jimmy John’s Breach (Krebes on Security)
Signature Systems Inc., the point-of-sale vendor blamed for a credit and debit card breach involving some 216 Jimmy John’s sandwich shop locations, now says the breach also may have jeopardized customer card numbers at nearly 100 other independent restaurants across the country that use its products.
Hackers Want Your Medical Information (Fox Business)
Last month, the FBI warned healthcare providers to guard against cyber attacks after one of the largest U.S. hospital operators, Community Health Systems Inc, said Chinese hackers had broken into its computer network and stolen the personal information of 4.5 million patients. Your medical information is worth 10 times more than your credit card number on the black market.
jQuery Official Website Compromised To Serve Malware (The Hacker News)
TripAdvisor's Viator Suffers Payment Card Data Breach, 1.4 Million Affected (Security Week)
Viator, the tour-booking company acquired this summer by TripAdvisor for $200 million, is notifying roughly 1.4 million customers that their payment card data and personal details might have been compromised following a data breach.