point of sale

Financial Malware, not Ransomware, drives most Cyber Crime

In-brief: data from the firm Symantec shows that financial malware targeting banks – not ransomware- is the most important and oft-used tool in the cyber criminal’s toolbox. 

Point of Sale Terminal

PCI Updates Security Guidance with Focus on Firmware

In-brief: The Payment Card Industry Security Standards Council (PCI Council) is raising the bar for the security of point of sale systems, with a big focus on the software (or “firmware”) that runs those systems. 

20 top US hotels hit by fresh malware attacks | ZDNet

In-brief:  Twenty US hotels operated by HEI Hotel & Resorts on behalf of Starwood, Marriott, Hyatt and Intercontinental are the victims of a hack focused on point of sale systems, media reports say. 

Blurred Lines: Sophisticated Hacks Building On Commodity Crime Tools

The information security industry has long operated with the premise of two, very different kinds of threats: indiscriminate, cyber criminal activity aimed at making money quick and sophisticated, targeted attacks intended to provide long term competitive advantage to another company (or economy), disrupt the operation of the target or provide a (future) strategic advantage in some kind of cyber conflict. But new research from FireEye suggests that the lines between sophisticated and unsophisticated cyber operations are blurred, making it hard for organizations to know if a given infection is merely bad luck, or evidence of a larger and more dangerous operation. Writing about a new financially motivated hacking crew called Fin6, FireEye said that the group, which targeted point-of-sale systems made off with “millions of payment card numbers.” Still, FireEye said that it couldn’t figure out how the group compromised its victims. “In Mandiant’s investigations of FIN6, the group already […]

SCOTUS FISA Ruling A Tool To Disenfranchise Data Theft Victims?

In-brief: a 2013 ruling by the Supreme Court that limited the right of Amnesty International to sue the government for damages caused by the actions of the secretive Foreign Intelligence Surveillance Act (FISA) court is being used by Home Depot to question consumers’ right to sue for damages related to a massive theft of credit cards from that company in 2014.