Sonic Drive-In Hit by Security Breach

This week, the Alert Logic team highlights the Security Breach at Sonic Drive-In and an Easy-to-Exploit Flaw.

Data Breach

Sonic Drive-In Hit by Security Breach

Sonic Drive-In, a fast-food chain with 3,600 restaurants in 45 states, has acknowledged a breach affecting an unknown number of Sonic cash registers, known today as point-of-sale terminals. About 5 million credit card numbers were recently put up for sale on a shadowy underground online network.

Unknown at this point is whether the breach affected only a small portion of Sonic Drive-In sites or the entire chain.

References: Sonic Drive-In Hit by Massive Credit Card Breach | Sonic Drive-In Hack | Sonic’s Stock Plunges After Credit Card Hack That Could Affect Millions

 

Mitigation Strategies:

Malware

Easy-to-Exploit Flaw Resurfaces as High-Risk

A bug in Linux kernel that was discovered two years ago, but was not considered a security threat at that time, has now been recognized as a potential local privilege escalation flaw Identified as CVE 2017 1000253. Since it was not recognized as a serious bug at that time, the patch for this kernel flaw was not backported to long-term Linux distributions in kernel 3.10.77.

However, researchers have now found that this vulnerability could be exploited to escalate privileges and it affects all major Linux distributions, including Red Hat, Debian, and CentOS.

References: Patch Alert! Easy-to-Exploit Flaw in Linux Kernel Rated 'High Risk' |  2-Year-Old Linux Kernel Issue Resurfaces As High-Risk Flaw | Linux PIE/Stack Corruption

Mitigation Strategies:

Blog Series

5 Tips For Protecting SQL Based Cloud Deployed Web Applications

Alert Logic’s Michael Farnum and Joe Hitchcock lay out the key elements of effective security for web applications in a SQL-based cloud environment in this 5-part blog series.

This Week's Suspicious IP Addresses

40.71.173.191 194.88.105.76
186.2.161.36 6188.225.83.200
50.115.166.137 45.55.189.241

*IP addresses provided by Recorded Future.