Krebs on Security: Credit Card Breach at Buckle Stores

Krebs on Security: Credit Card Breach at Buckle Stores. “On Friday morning, KrebsOnSecurity contacted The Buckle after receiving multiple tips from sources in the financial industry about a pattern of fraud on customer credit and debit cards which suggested a breach of point-of-sale systems at Buckle stores across the country. Later Friday evening, The Buckle Inc. released a statement saying that point-of-sale malware was indeed found installed on cash registers at Buckle retail stores, and that the company believes the malware was stealing customer credit card data between Oct. 28, 2016 and April 14, 2017.”

Bleeping Computer: CIA Malware Can Switch Clean Files With Malware When You Download Them via SMB

Bleeping Computer: CIA Malware Can Switch Clean Files With Malware When You Download Them via SMB. “After taking last week off, WikiLeaks came back today and released documentation on another CIA cyberweapon. Codenamed Pandemic, this is a tool that targets computers with shared folders, from where users download files via SMB. The way Pandemic works is quite ingenious and original, and something not seen before in any other malware strain.”

Kmart Credit Card Breach: What You Need to Know (NBC News)

NBC News: Kmart Credit Card Breach: What You Need to Know. “Another day, yet another retail security breach. Embattled retailer Sears said on Wednesday it found a security breach involving ‘unauthorized’ credit card activity following some customer purchases at its Kmart stores. It’s the second major security breach for the retailer in under three years.”

USA Today: Chipotle says malware hack stole customer payment info

Sigh. USA Today: Chipotle says malware hack stole customer payment info . “Chipotle Mexican Grill on Friday said new information on a March-April data breach at its restaurants indicates hackers using malware stole customer payment information. Consumers’ account numbers, expiration data and verification codes were accessed by the malware from payment card systems at the fast-casual chain over three weeks between March 24 and April 18. Chipotle said the malware that breached its system has been removed. Most of its 2,249 restaurants were affected, said company spokesperson Chris Arnold.”

Wired: A WannaCry Flaw Could Help Some Windows XP Victims Get Files Back

Wired: A WannaCry Flaw Could Help Some Windows XP Victims Get Files Back. “Since the WannaCry ransomware ripped through the internet late last week, infecting hundreds of thousands of machines and locking up critical systems from health care to transportation, cryptographers have searched for a cure. Finding a flaw in WannaCry’s encryption scheme, after all, could decrypt all those systems without any ransom. Now one French researcher says he’s found at least a hint of a very limited remedy.”

Hacker: Patient data of 500,000 children stolen from pediatricians (Healthcare IT News)

This is from the beginning of May; I apparently missed it. From Healthcare IT News: Hacker: Patient data of 500,000 children stolen from pediatricians. “The patient records of about 500,000 children are up for grabs on the dark web, a hacker named Skyscraper told DataBreaches.net on Wednesday. These records contain both child and parent names, Social Security numbers, phone numbers and addresses. DataBreaches didn’t name the breached organizations but also said that another 200,000 records were stolen from elementary schools.”