Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured an MSSQL database containing sensitive personal information on at least 20,000 customers that was inadvertently left exposed to the public. The exposed database was unencrypted and included Social Security Numbers, names, addresses, phone numbers, and other information that one would expect a bank to possess.
Scottrade Bank released a statement saying that it is working with federal law enforcement to investigate the theft and believes that contact information was the primary goal of those responsible for compromising the database where the data was stored.
References: Scottrade Bank Data Breach Exposes 20,000 Customer Records | Scottrade Bank Data Breach Exposes 20,000 Customers' Personal Information
A Russian cyber espionage group, referred to as APT29, is using a stealthy backdoor to get access to a victim environment. This new spyware technique is being called POSHSPY. POSHSPY leverages two of the tools the group frequently uses: PowerShell and Windows Management Instrumentation (WMI). APT29 deploys POSHSPY as a secondary backdoor, for use if the group loses access to its primary backdoors. As stealthy as POSHSPY can be, it comes to light quickly if you know where to look.
References: Dissecting One of APT29’s Fileless WMI and PowerShell Backdoors (POSHSPY) | POSHSPY Ensures Permanent Access to Targeted Systems | APT29 Uses Stealthy Backdoor to Maintain Access to Targets
*IP addresses provided by Recorded Future.