online shopping

This Week In Security: Ebay’s School of Hard Knocks

Podcast: Play in new window | Download () | EmbedSubscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIt’s the end of another busy week in the security world. As we’re wont to do at The Security Ledger, we had DUO Security Evangelist Mark Stanislav in to the deluxe Security Ledger Studios to talk about the events of the week. On the agenda this week: the continued fallout from the hack of online auction giant eBay. The company ran into a thicket of criticism this week for the breach and its botched response. Despite knowing about the security breach for weeks, eBay seemed unprepared for the fallout once the news became public. Beyond its statements to the press, the company hadn’t taken steps to streamline the (inevitable) flood of customers who wanted to update their password. In fact, more than a day […]

Pew: IoT Will Take Off By 2025, Despite Security Woes

A survey of technology experts by the Pew Research Center and Elon University predicts that the Internet of Things will take off in the next decade despite serious concerns about the security of IoT devices and the data they hold. The IoT will gain wide adoption in the next decade, with the result that many aspects of day-to-day life will be transformed by a combination of inexpensive sensors, cloud based computing and data analytics. The report cites a number of likely innovations that will become commonplace by 2025 – from “smart” food products that can report when they are exhausted or spoiled, to smart roads and infrastructure to “subcutaneous sensors or chips that provide patients’ real-time vital signs to self-trackers and medical providers.” The Pew Center canvassed more than 1600 technology leaders and analysts about the Internet of Things and published the findings of the survey on Wednesday. The survey population included […]

Arbor Networks PoS Report

Unknown Knowns: Arbor Warns Of Widespread Point of Sale Compromises

The hack of U.S. retailer Target put attacks on point of sale systems on the radar, and prompted major retailers to revisit the security of the systems that accept credit card transactions. Now research from Arbor Networks is warning that hackers and cyber criminals are doubling down on point of sale (PoS) systems with a wide range of specialized PoS malware and targeted attacks. Arbor says it has data suggesting that PoS compromises may be widespread, and undetected. Arbor’s Security Engineering & Response Team (SERT)  issued its findings in a Threat Intelligence Brief (2014-6)  report. The company said that “ambitious threat actors” are using targeted attack campaigns against PoS networks. The “longevity and extent” of PoS attack campaigns – even at wealthy and sophisticated organizations – is “a serious concern.”   [Read Security Ledger’s coverage of the Target data breach here.] “In organizations with security teams and well-managed network infrastructure, point of […]

In Next Phase: Web Tracking Cookies Grow Legs

It’s easy to focus on the low hanging fruit in the Internet of Things revolution – the Internet-connected thermostats, connected vehicles and lawn sprinklers that you can manage from the Web.   But the biggest changes are yet to come – as powerful, wearable technology, remote sensors and powerful data analytics combine to map and record our every waking (and sleeping) moment. I got a glimpse of that reading this article over at the blog StreetFightMag.com, a site that concentrates on the hyperlocal marketing sector. Hyperlocal was a big thing about six or seven years ago, as online media outfit (and their advertisers) decided that consumers were losing interest in the thin gruel that online mass-media provided, but remained intensely interested in local news and affairs. Alas, capitalizing on the relatively small-scale opportunities in ‘hyperlocal’ proved harder than anyone thought, as this week’s decision to shutter AOL’s remaining Patch web […]

Target Confirms Massive Breach – 40 million Credit Cards Affected

Black Friday just got a bit more black. Target Corp., one of the U.S.’s leading retail outfits, confirmed in a statement Thursday morning that reports of a massive breach of the company’s payment infrastructure, resulting in the exposure of data on an estimated 40 million credit and debit card accounts. The statement, released on Target’s website, follows media reports on Wednesday citing reports from leading credit card issuers. In it, the company confirmed “it is aware of unauthorized access to payment card data that may have impacted certain guests making credit and debit card purchases in its U.S. stores.” According to statements by Target, the credit card data was stolen between Nov. 27 and Dec. 15, 2013 and includes customer name, credit or debit card number, and the card’s expiration date and the CVV, or three-digit security code. Shoppers at the company’s U.S. stores were affected, but the breach did not affect Target’s Canadian […]