Microsoft Windows Exposes Companies to Credit Card Data Theft

Researchers from FireEye have disclosed the details of cyberattack group leveraging a Microsoft Windows zero-day flaw in targeted attacks against over 100 US companies. The systems affected include Microsoft Windows Vista, Windows Server 2008, Windows 7, Windows 8.1, Windows Server 2012, Windows RT 8.1, and Windows 10. Dhanesh Kizhakkinan, Yu Wang, Dan Caselden and Erica Eng from FireEye’s security team said in a blog post on Wednesday that in March this year, a group of threat actors developed spear-phishing campaigns tailored for specific targets in the retail, restaurant, and hospitality industries.

The attacks involved CVE-2016-0167, a zero-day vulnerability which was patched in Microsoft’s April 12 Patch Tuesday. If you are processing or storing credit card information on any of the listed versions of Microsoft Windows, you need to install the patch immediately.

Details are available at http://goo.gl/FwK7bR.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s