Debenhams, a UK Retailer, made public of a recent breach on their Flowers website, resulting in compromised personal data on over 26,000 customers. Payment details, names, and addresses of the individuals were leaked due to a targeted attack on Ecomnova, a third-party e-commerce portal used for the flowers and gifting business. Debenhams released a communication detailing the steps the company has taken since the breach as well as steps that customers should follow, from cautioning users of future phishing attacks to periodic reviews on bank statements.
The breach occurred sometime between February 24 and April 11 and the site has been offline since. Chief executive Sergio Bucher stated that a full investigation had started once the breach was discovered. This case stresses the importance of assessing cybersecurity risk with third-party vendors. Customers of the main site, Debenhams.com, were not affected by this breach.
A new IoT botnet has been discovered, and it’s called Persirai. Following suit just after Marai, an IoT malware in October 2016 that brought down many large internet and online services, Persirai’s focus is on web-connected cameras. Researchers claimed this new IoT botnet is targeting over a thousand different IP camera models, ultimately introducing malware vulnerabilities to over 122,000 web-connected cameras.
Due to the ease of use and connectivity, IP cameras are highly visible targets for IoT malware because of the Universal Plug and Play (UPnP) protocol. Attackers can access the vulnerable interface on these devices to download and execute the malicious shell scripts. Once executed, the malware can delete itself and run only on memory to avoid detection, as well as block the zero-day exploits it uses to prevent other attackers from hitting the same target.
Researchers are still tracing back the origins of this malware but have found special Persian characters in the code.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.