According to HIPAA Journal, pharmacy chain Rite Aid recently discovered that unauthorized third parties accessed the online store’s e-commerce platform and acquired personal information of customers who entered their payment card details at the online store. An investigation into the breach revealed that access to the platform was first gained on January 30, 2017, and continued until April 11, 2017, when the intrusion was detected and unauthorized access was blocked.
Presently, it is unclear exactly how many individuals have been impacted by the breach. The pharmacy is working with credit card companies and offering affected individuals a full year of free credit monitoring.
A 7-year-old critical remote code execution vulnerability has been discovered in the Samba networking software. The remote code execution vulnerability (CVE-2017-7494) affects all versions newer than Samba 3.5.0. In the wake of WannaCry, the critical new flaw could allow a remote attacker to take control of an affected Linux and Unix machines.
Security experts say that the flaw is trivial to exploit. However, Samba is so widely used that a network worm could really have a field day exploiting this vulnerability. The U.S. Computer Emergency Response Team (US-CERT) recommends users and administrators to immediately apply the patch or workarounds.
References: 7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely | Samba Patches Wormable Bug Exploitable With One Line Of Code | Patch The Samba Bug Before a Network Worm Exploits It
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.