We publish this weekly threat intelligence brief to keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!
“[Scottrade] announced Friday that it suffered a security breach over a period of several months from late 2013 to early 2014, affecting approximately 4.6 million customers. But in a statement, Scottrade said it had no idea that the breach had occurred until law enforcement officials told them about it. […] The FBI notified Scottrade of the breach in August but asked that the company hold off on disclosing the attack until it had wrapped up another part of its investigation. The company was cleared to disclose the breach at the end of last week and began informing customers Friday.”
– PC World
“Kmart has employed IT forensic investigators after the personal details of its online customers were hacked. The Wesfarmers-owned company said no customer credit card or other payment details have been compromised, however, customers’ names, email addresses, home addresses, telephone numbers, and product purchase details had been accessed in an “external privacy breach” in early September.”
“The Dyreza trojan has recently re-emerged in a new and frightening way. Proofpoint, a California-based security company, has released new research showing that the infamous Dyreza Trojan has taken new aim at the IT supply chain. Its research shows 20 organisations involved in physical IT have been targeted, and listed in the trojan’s configuration files. This news comes just after Salesforce.com warned its customers earlier this month that the Dyreza trojan may be targeting its customers.”
“The government stored sensitive personal information on millions of health insurance customers in a computer system with basic security flaws, according to an official audit that uncovered slipshod practices. The Obama administration said it acted quickly to fix all the problems identified by the Health and Human Services inspector general’s office. But the episode raises questions about the government’s ability to protect a vast new database at a time when cyberattacks are becoming bolder. Known as MIDAS, the $110-million system is the central electronic storehouse for information collected under President Barack Obama’s health care law.”
– Star Tribune