- From Bank Info Security - AT&T is paying $25 million for call center employees in Mexico, Colombia and the Philippines accessing personally identifiable information from some 278,000 customer accounts without authorization.
- Bloomberg reports that data breaches don’t just affect retailers and banks, most big law firms have been hacked, too.
- According to Threat Post, new evasion techniques helped AlienSpy, a remote access tool, to deliver the Citadel banking Trojan and establish backdoors inside a number of critical infrastructure operations.
- Just last weekend Linux Australia got pwned, rooted, RATted and botted, reports Naked Security.
- And Wired tells us about a security flaw in drug infusion pumps that allows hackers to raise dosage levels.
Here's a look at this week's top information security news stories:
- PCI DSS 3.0 compliance deadline approaches. Will it make any difference? Read more at CSO Online.
- Apple iOS malware gets onto 75,000 iPhones, steals ad clicks - fortunately, AdThief only affects jailbroken devices. Learn more at Naked Security.
- The Secret Service is estimating that more than 1,000 U.S. businesses had their systems infected by Backoff, a new point-of-sale malware linked to numerous remote-access attacks. Read the full story at Bank Info Security.
- Dairy Queen breached? Krebs on Security investigates the claim, includes official statement from DQ HQs.
Background check records of 25,000 undercover investigators and other homeland security staff were exposed in the breach at US Investigations Services (USIS) this month. Read "Breach of Homeland Security Background Checks Raises Red Flags" via Dark Reading.
Banks large and small are girding for an elaborate drill this week that will test how they would fare if hackers unleashed a powerful and coordinated attack against them.
The exercise is being called ‘‘Quantum Dawn 2,’’ and if the name sounds like a video game, it is also meant to convey the seriousness of the threat.
Cyberattacks on the banking industry are growing more frequent and sophisticated, and the list of assailants is ever-changing: crime bosses who want money, ‘‘hacktivists’’ making political statements, foreign governments that want to spy on US companies. A successful, widespread attack on the industry would shake confidence in the banking system and the possibility has banks and regulators on edge.
Read the full article via The Boston Globe.