In-brief: data from the firm Symantec shows that financial malware targeting banks – not ransomware- is the most important and oft-used tool in the cyber criminal’s toolbox.
point of sale
In-brief: The Payment Card Industry Security Standards Council (PCI Council) is raising the bar for the security of point of sale systems, with a big focus on the software (or “firmware”) that runs those systems.
In-brief: Twenty US hotels operated by HEI Hotel & Resorts on behalf of Starwood, Marriott, Hyatt and Intercontinental are the victims of a hack focused on point of sale systems, media reports say.
The information security industry has long operated with the premise of two, very different kinds of threats: indiscriminate, cyber criminal activity aimed at making money quick and sophisticated, targeted attacks intended to provide long term competitive advantage to another company (or economy), disrupt the operation of the target or provide a (future) strategic advantage in some kind of cyber conflict. But new research from FireEye suggests that the lines between sophisticated and unsophisticated cyber operations are blurred, making it hard for organizations to know if a given infection is merely bad luck, or evidence of a larger and more dangerous operation. Writing about a new financially motivated hacking crew called Fin6, FireEye said that the group, which targeted point-of-sale systems made off with “millions of payment card numbers.” Still, FireEye said that it couldn’t figure out how the group compromised its victims. “In Mandiant’s investigations of FIN6, the group already […]
In-brief: a 2013 ruling by the Supreme Court that limited the right of Amnesty International to sue the government for damages caused by the actions of the secretive Foreign Intelligence Surveillance Act (FISA) court is being used by Home Depot to question consumers’ right to sue for damages related to a massive theft of credit cards from that company in 2014.