In-brief: RSA said it detected evidence of a malicious software campaign that targeted employees at point of sale vendors – a possible effort to compromise the PoS supply chain.
Search Results for "point of sale"
The hack of U.S. retailer Target put attacks on point of sale systems on the radar, and prompted major retailers to revisit the security of the systems that accept credit card transactions. Now research from Arbor Networks is warning that hackers and cyber criminals are doubling down on point of sale (PoS) systems with a wide range of specialized PoS malware and targeted attacks. Arbor says it has data suggesting that PoS compromises may be widespread, and undetected. Arbor’s Security Engineering & Response Team (SERT) issued its findings in a Threat Intelligence Brief (2014-6) report. The company said that “ambitious threat actors” are using targeted attack campaigns against PoS networks. The “longevity and extent” of PoS attack campaigns – even at wealthy and sophisticated organizations – is “a serious concern.” [Read Security Ledger’s coverage of the Target data breach here.] “In organizations with security teams and well-managed network infrastructure, point of […]
Reuters is reporting on Monday that the recently disclosed hack of box store retailer Target Inc. was just one of a series of attacks against U.S. retailers, including Target, the luxury department store Neiman Marcus and other, as-yet-unnamed companies.* The story adds to other, recent revelations, including the breach at Neiman Marcus, which was first disclosed by the security blog Krebsonsecurity.com on Friday. Also on Monday, Target CEO Gregg Steinhafel confirmed that his company was the victim of malicious software installed on point of sale (PoS) systems at the store. According to the Reuters report, Target Corp and Neiman Marcus are just two retailers whose networks were breached over the holiday shopping season. The story cites unnamed sources “familiar with attacks,” which have yet to be publicly disclosed. Breaches of “at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target,” according […]
With news of the breach of big-box retailer Target Inc. still in the headlines, the U.S. Computer Emergency Readiness Team (CERT) issued a warning about the danger posed by malicious software targeting Point of Sale (POS) systems. CERT issued an advisory (TA14-002A) on Thursday asking POS owners to take steps to secure the devices, and telling consumers to beware. The warning comes after a string of reports that suggest that malware attacking point of sale systems is on the rise. In December, researchers from Arbor Networks said they had detected an “active PoS compromise campaign” to steal credit and debit card data that used the Dexter and Project Hook malware. Dexter is a Windows-based program that was first discovered in December, 2012 by Seculert, an Israeli security firm. It is still not known whether malware played a part in the huge theft of credit card data from Target Inc. That […]
Alternatives to legacy endpoint protection software like anti virus is one of the hottest areas in the information security space. Yesterday’s announcement by Cybereason of a $100 Million investment by SoftBank only underscores that. Cybereason, which has offices in Boston, London and Tel Aviv, closed a Series D funding round from SoftBank to accelerate growth. The round brings total investment in Cybereason to $189 million and make SoftBank the single largest investor int he company, which also counts Spark Capital, Lockheed Martin and CRV as investors. “We are thrilled with our incredible growth but we are never satisfied because hackers still have a big advantage over the vast majority of corporations. This new funding allows us to increase our growth through new distribution channels and to develop new technologies. Our strengthened partnership with SoftBank, which has a formidable sales force and enterprise customer base in Japan and a global reach, […]