Sonic Drive-In, a fast-food chain with 3,600 restaurants in 45 states, has acknowledged a breach affecting an unknown number of Sonic cash registers, known today as point-of-sale terminals. About 5 million credit card numbers were recently put up for sale on a shadowy underground online network.
Unknown at this point is whether the breach affected only a small portion of Sonic Drive-In sites or the entire chain.
A bug in Linux kernel that was discovered two years ago, but was not considered a security threat at that time, has now been recognized as a potential local privilege escalation flaw Identified as CVE 2017 1000253. Since it was not recognized as a serious bug at that time, the patch for this kernel flaw was not backported to long-term Linux distributions in kernel 3.10.77.
However, researchers have now found that this vulnerability could be exploited to escalate privileges and it affects all major Linux distributions, including Red Hat, Debian, and CentOS.
Alert Logic’s Michael Farnum and Joe Hitchcock lay out the key elements of effective security for web applications in a SQL-based cloud environment in this 5-part blog series.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.