UPS Archives - Latest News from Backup Technology

United Parcel Service (UPS) which is one of the largest shipment and logistics companies in the world has become one of the latest high profile companies to suffer a data breach.

UPS confirmed that they have suffered a data breach which has compromised data from around 105,000 customer transactions between January and August from 51 of its stores. Such stores that were affected are located in 24 U.S. states including New York, California and Texas.

UPS has confirmed that the data breach occurred due to malicious software being installed on their systems that has resulted on confidential data such as credit or debit card data, customer names and postal address being compromised.

Tim Davis who is the president of the UPS store stressed that as soon as they became aware of the data breach; the threat was contained and eliminated as quickly as possible.

Davis stated, “As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident.”

UPS have stated that they will not be notifying customers on an individual basis as they do not have all of the cardholder data. Therefore the emphasis has been places on UPS customers to check the UPS Store Inc.’s website to see if they have previously shopped at one of the affected UPS stores.

UPS has been keen to stress that so far, there has been no evidence of fraud because of the data breach.

UPS are the latest high profile company to have suffered a data breach which shows that it is now as important to ever to ensure security procedures and plans are in place and regularly tested and updated.

Supporting this, due to the increased threat from cyber thieves, it is now vital that all confidential data is also backed up with a robust backup solution to ensure that data can be recovered to the desired state if it is deleted or modified.

Well this is one way to ruin an IT Manager’s morning coffee, a new form of Malware has been discovered that wont be detected by standard antivirus.

An article published on the Register this morning details a rare form of malware that can steal data off a machine without installing any files. The malware is extremely difficult to detect as it will set up home within the computers registry, hence antivirus being unable to detect any suspicious looking files on an infected machine. Nice!

In a report Paul Rascagneres stated, “All activities are stored in the registry. No file is ever created. So, attackers are able to circumvent classic anti-malware file scan techniques with such an approach and are able to carry out any desired action when they reach the innermost layer of [a machine] even after a system re-boot. To prevent attacks like this, anti-virus solutions have to either catch the initial Word document before it is executed (if there is one), preferably before it reached the customer’s email inbox.”

Paul Rascagneres (@r00tbsd) has a reputation for ripping malware and bots to uncover and undermine black hat operations. Last year, Rascagneres won the Pwnie Award at Black Hat Las Vegas for tearing through the infrastructure of Chinese hacker group APT1.

The code has been spread, somewhat typically, through email. The mail, currently being sent under the guise of Canada Post and UPS tracking information, carries a Word Document containing the malicious code. Once opened, this then creates a hidden encoded autostart registry key, subsequently executing shellcode and a binary payload (this is the bit that allows any hacker access to a device).

Rascagneres added, “This trick prevents a lot of tools from processing this malicious entry at all and it could generate a lot of trouble for incident response teams during the analysis. The mechanism can be used to start any program on the infected system and this makes it very powerful.”