News highlights this week: Panera Bread customer data breach, Mirai-style botnet is targeting financial institutions and Microsoft patches malware protection engine.
Panera Bread data leak
Over the last eight months, Panera Bread exposed millions of customer records all in plain text, accessible to anyone with a casual search. The breach included names, email addresses, home addresses, birthdays, and the last four digits of any cards used on panerabread.com.
Panerabread.com Leaks Millions of Customer Records (Krebs on Security, April 2)
Panera Bread Leaves Millions of Customer Records Exposed Online (Dark Reading, April 3)
Panera Bread Exposed Data On Millions Of Customers For 8 Long Months (Forbes, April 4)
Mirai-style botnet, Microsoft RCE vulnerability
It was revealed that a botnet based on Mirai was used to attack at least three European financial institutions in January.
Mirai Variant Botnet Takes Aim at Financials (Dark Reading, April 5)
A new Mirai-style botnet is targeting the financial sector (ZDNet, April 5)
Mirai variant botnet launches IoT DDoS attacks on financial sector (Tech Republic, April 5)
Microsoft has rolled-out security updates to fix a critical remote code execution flaw affecting Windows Defender and other anti-malware products.
Microsoft patches Malware Protection Engine to protect against devastating memory corruption attack (Tech Republic, April 4)
Microsoft Patches Critical Flaw in Malware Protection Engine (Dark Reading, April 4)
In other news…
7 Deadly Security Sins of Web Applications (Dark Reading, April 4)
100% of Web Apps Contain Vulnerabilities (Info Security, April 5)
Define DevOps’ Role in Application Security (Information Week, April 2)