Dive Brief:
-
Over 100 U.S. companies were reportedly targeted by a Microsoft Windows zero-day vulnerability in March, according to ZDNet.
-
Researchers from FireEye said a group of cybercriminals developed spear-phishing campaigns targeted at the retail, restaurant and hospitality sectors.
-
The vulnerability was patched in Microsoft's April 12 patch Tuesday. The names of the companies targeted, as well as the number of potential victims, was not disclosed.
Dive Insight:
FireEye's security team said in a blog post on Wednesday that the group targeted companies across the U.S. with phishing campaigns based on "tailored emails containing malicious Microsoft Word attachments."
The vulnerability and a point of sale (POS) memory scraping tool used in combination gave the cyberattackers the ability to steal credit card data stored in PoS systems used by the targeted companies.
"This actor has conducted operations on a large scale and at a rapid pace, displaying a level of operational awareness and ability to adapt their operations on the fly," FireEye said. "These abilities, combined with targeted usage of an (elevation of privelage) exploit and the reconnaissance required to individually tailor phishing emails to victims, potentially speaks to the threat actors' operational maturity and sophistication."
To help protect themselves, companies should ensure that they are always running the latest versions of software available.
