Unsecured Elasticsearch servers turned into PoS malware C&Cs

Security researchers have discovered over 4,000 Elasticsearch servers compromised to distribute and control PoS malware. 99 percent of them are hosted by Amazon. What is Elasticsearch? Elasticsearch is the most popular choice for enterprise search engines. Based on the open source information retrieval software library Lucene, it is itself open source, and it provides a full-text search engine with an HTTP web interface and JSON documents. A number of organizations, including Amazon Web Services (AWS), …

PoS malware hits food kiosks, steals payment card and biometric info

PoS malware can lurk in the most unexpected of places, and some have recently been found in the payment kiosks by US-based vendor Avanti, stealing payment card and biometric information. Those “micro markets” are effectively unmanned retail spaces where users can choose snacks and beverages and pay through a kiosk. They can be found at offices throughout the US, are usually installed, maintained and restocked by local resellers, and accept payment via payment card, cash, …

RawPOS malware has new data-grabbing capabilities

RawPOS continues to evolve, and has recently been equipped with the capability to steal data contained in the victims’ driver’s license’s 2-dimensional barcode. “Although the use of this barcode is less common than credit card swipes, it is not unheard of. Some people might experience getting their driver’s license barcode scanned in places like pharmacies, retail shops, bars, casinos and other establishments that require it,” Trend Micro researchers explained. “Traditionally, PoS threats look for credit …

12 tips for implementing secure business practices

Optiv Security shared a list of a dozen tips for implementing secure business practices during the 2016 holiday season. Security experts developed these recommendations to help security and IT teams better prepare their companies and employees to address the increase in cyber threats that occur during this time of year. 1. Limit temporary worker privileges Many organizations employ temporary workers during the holidays to address increased demand for their products or services, and backfill employees …

PoS attacks: Undetected vulnerabilities lay in wait

Attivo Networks issued a report detailing severe vulnerabilities in the nation’s POS systems that could lead to large breaches during the Holiday shopping period and on into next year. The report, based on primary research, shows how attackers are moving laterally undetected through networks, compromising asset management servers and then using them to plant malware on POS terminals for either timed or remote activation, creating the foundation for wide-scale credit card information theft. The lack …

The New Mindset Required for Making a Dent in the World of Cybercrime

We all know that cybercrime is increasing and likely to jump from a $75 billion problem last year to a $170 billion problem in 2020. Most will argue that this out of control spiral that the cybersecurity industry is in is unavoidable. It’s just the nature of the game. We will always be one step […]

The post The New Mindset Required for Making a Dent in the World of Cybercrime appeared first on The State of Security.


US hotels hit by payment card slurping malware

10 months after merchants were to assume financial responsibility if they didn’t install chip readers, we’re still seeing POS breaches.