Amazon phishing email...
Delivered-To: xxxxxxxxxxx@gmail.com
Received: by 10.202.197.131 with SMTP id v125csp390758oif;
Fri, 20 Jun 2014 17:13:32 -0700 (PDT)
X-Received: by 10.180.189.79 with SMTP id gg15mr7635763wic.0.1403309611555;
Fri, 20 Jun 2014 17:13:31 -0700 (PDT)
Return-Path: postmaster@lucklucky.net>
Received: from smtplqs-out38.aruba.it (smtplqs-out36.aruba.it. [62.149.158.76])
by mx.google.com with ESMTP id f9si4695864wie.75.2014.06.20.17.13.30
for xxxxxxxxxxx@gmail.com>;
Fri, 20 Jun 2014 17:13:31 -0700 (PDT)
Received-SPF: none (google.com: postmaster@lucklucky.net does not designate permitted sender hosts) client-ip=62.149.158.76;
Authentication-Results: mx.google.com;
spf=neutral (google.com: postmaster@lucklucky.net does not designate permitted sender hosts) smtp.mail=postmaster@lucklucky.net
Received: from webxc45s05.ad.aruba.it ([62.149.145.47])
by smartcmd04.ad.aruba.it with bizsmtp
id GoDW1o00c11am7y01oDWtF; Sat, 21 Jun 2014 02:13:30 +0200
Received: (qmail 21984 invoked by uid 19142416); 21 Jun 2014 00:13:30 -0000
Date: 21 Jun 2014 00:13:30 -0000
Message-ID: 20140621001330.21982.qmail@webxc45s05.ad.aruba.it>
To: xxxxxxxxxxx@gmail.com
Subject: update your account
X-PHP-Originating-Script: 19142416:send.php(2) : eval()'d code
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
From: amazon postmaster@lucklucky.net>
html xmlns:v="urn:schemas-microsoft-com:vml"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml"
xmlns="http://www.w3.org/TR/REC-html40">
head>
meta http-equiv=Content-Type content="text/html; charset=windows-1252">
meta name=ProgId content=Word.Document>
meta name=Generator content="Microsoft Word 12">
meta name=Originator content="Microsoft Word 12">
link rel=Edit-Time-Data href="amazon_fichiers/editdata.mso">
title>Mise à jour de vos informations n /title>
!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:0 0 0 0 0 0 0 0 0 0;
mso-font-charset:1;
mso-generic-font-family:roman;
mso-font-format:other;
mso-font-pitch:variable;
mso-font-signature:0 0 0 0 0 0;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:1627400839 -2147483648 8 0 66047 0;}
@font-face
{font-family:"Lucida Sans";
panose-1:2 11 6 2 3 5 4 2 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:3 0 0 0 1 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:"";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman","serif";
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
mso-themecolor:hyperlink;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-noshow:yes;
mso-style-priority:99;
color:purple;
mso-themecolor:followedhyperlink;
text-decoration:underline;
text-underline:single;}
p
{mso-style-noshow:yes;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman","serif";
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-noshow:yes;
mso-style-priority:99;
mso-style-link:"Texte de bulles Car";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;}
span.TextedebullesCar
{mso-style-name:"Texte de bulles Car";
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-unhide:no;
mso-style-locked:yes;
mso-style-link:"Texte de bulles";
mso-ansi-font-size:8.0pt;
mso-bidi-font-size:8.0pt;
font-family:"Tahoma","sans-serif";
mso-ascii-font-family:Tahoma;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Tahoma;
mso-bidi-font-family:Tahoma;}
p.auto-style81, li.auto-style81, div.auto-style81
{mso-style-name:auto-style81;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-unhide:no;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman","serif";
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
font-size:10.0pt;
mso-ansi-font-size:10.0pt;
mso-bidi-font-size:10.0pt;}
@page Section1
{size:595.3pt 841.9pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;
mso-header-margin:35.4pt;
mso-footer-margin:35.4pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
/style>
!--[if gte mso 10]>
style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Tableau Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman","serif";}
/style>
![endif]-->
meta http-equiv=Content-Language content=fr>
!--[if gte mso 9]> xml>
o:shapelayout v:ext="edit">
o:idmap v:ext="edit" data="1"/>
/o:shapelayout> /xml> ![endif]-->
/head>
body lang=FR link=blue vlink=purple style='tab-interval:35.4pt'>
div class=Section1>
div align=center>
table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width=500
style='width:375.0pt;mso-cellspacing:0cm;mso-yfti-tbllook:1184;mso-padding-alt:
0cm 0cm 0cm 0cm'>
tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes;
height:22.5pt'>
td style='padding:0cm 0cm 0cm 0cm;height:22.5pt'>
div align=center>
table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width=489
style='width:366.75pt;mso-cellspacing:0cm;background:#F1F1F1;mso-yfti-tbllook:
1184;mso-padding-alt:0cm 0cm 0cm 0cm'>
tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'>
td style='padding:0cm 0cm 0cm 0cm'>
div align=center>
table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width=490
style='width:367.5pt;mso-cellspacing:0cm;background:#F1F1F1;mso-yfti-tbllook:
1184;mso-padding-alt:0cm 0cm 0cm 0cm'>
tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'>
td width=490 style='width:367.5pt;padding:0cm 0cm 16.5pt 0cm'>
div>
p class=MsoNormal style='line-height:15.0pt'> strong> span lang=EN style='font-size:9.0pt;font-family:"Lucida Sans","sans-serif";
mso-fareast-font-family:"Times New Roman";color:lime;mso-ansi-language:
EN'>Dear xxxxxxxxxxx@gmail.com
, html xmlns="http://www.constantcontact.com/cctd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemalocation="http://www.constantcontact.com/cctd http://origin.ih.constantcontact.com/schemas/CCEM8templates.xsd">
head>
meta http-equiv="Content-Language" content="fr">
meta name="GENERATOR" content="Microsoft FrontPage 6.0">
meta name="ProgId" content="FrontPage.Editor.Document">
title>Mise à jour de vos informations n /title>
style>
.MainBorder {
background-color: #CCCCCC;
padding: 1px;
}
.body {
background-color: #FFFFFF;
margin : 0px 0px 0px 0px;
}
.MainBG {
background-color: #FFFFFF;
}
.MainText {
title: Main Text;
font-family: Arial, Helvetica, sans-serif;
font-size: x-small;
color: #000000;
}
.GraphText {
title: Graph Text;
font-family: Arial, Helvetica, sans-serif;
font-size: xx-small;
color: #111111;
}
.CClink1 {
font-family: Arial, Helvetica, sans-serif;
font-size: x-small;
color: #3E69BD;
}
.TemplateWidth {
width: 600px;
}
.TemplatePad {
padding: 0 15px 15px 15px;
}
.GraphBG {
background-color:#4E81BD;
}
.BarBG {
background-color:#ffffff;
}
.StatTable {
background-color:#F5F5F5;
}
.HiLight {
font-family:Arial, Helvetica, sans-serif;
color:#357E86;
font-size:x-small;
}
.HiLight2 {
font-family:Arial, Helvetica, sans-serif;
color:#357E86;
font-size:x-large;
letter-spacing: -2px;
}
.TableHdr {
font-family:Arial, Helvetica, sans-serif;
background-color: #E7F2F4;
color:#357E86;
font-size:small;
}
.TableHdrBrdr {
border-top:1px solid #E7F2F4;
border-bottom:1px solid #E7F2F4;
background-color:#F3F3F3;
}
/style>
/head>
body leftmargin="0" rightmargin="0" topmargin="0">
html xmlns="http://www.constantcontact.com/cctd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemalocation="http://www.constantcontact.com/cctd http://origin.ih.constantcontact.com/schemas/CCEM8templates.xsd">
body leftmargin="0" rightmargin="0" topmargin="0">
p style="color: rgb(51, 51, 51); font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 1px 0pt 8px; font-family: Arial, sans-serif; font-size: 12px; line-height: 16px; background-color: rgb(241, 241, 241);">
Your account will expire in less than 48 hours. br>
it is imperative to conduct an audit of your information is present, otherwise
your account will be destroyed . Just click the link below and log in using your
email and password. /p>
table border="0" cellpadding="0" cellspacing="0" class="callToAction" style="font-family: Verdana, Arial, Helvetica, sans-serif; letter-spacing: normal; orphans: auto; text-indent: 0px; text-transform: none; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0px 0px 10px; font-style: normal; font-variant: normal; font-weight: normal; font-size: 11px; line-height: normal; background-color: rgb(241, 241, 241);">
tr>
td bgcolor="#ffa822" class="actionLinkContainer" style="margin: 0px; padding: 1px 10px; border-width: 1px; border-style: solid; border-color: rgb(191, 191, 191) rgb(144, 141, 141) rgb(144, 141, 141) rgb(191, 191, 191);">
a style="color: rgb(8, 68, 130); text-decoration: underline;" href="http://sasn.mcafee.com/l?v=0&ui=0&spid=rssmountain&p=000c0000000000000000000000000000&url=https://gator4083.hostgator.com/~coachmur/gettingpaidtobefit.com/readme.php">by
clicking here /a> /td>
/tr>
/table>
p style="color: rgb(51, 51, 51); font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 1px 0pt 8px; font-family: Arial, sans-serif; font-size: 12px; line-height: 16px; background-color: rgb(241, 241, 241);">
For more information, see span class="Apple-converted-space"> /span> a style="color: rgb(8, 68, 130); text-decoration: underline;" href="">Questions
and answers /a>. /p>
p style="color: rgb(51, 51, 51); font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(241, 241, 241);">
Sincerely, br>
Amazon /p>
p style="color: rgb(51, 51, 51); font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(241, 241, 241);">
Copyright 2014 amazon, Inc. All rights reserved. amazon is located at 2211 N.
First St., San Jose, CA 95131.
Trends from the trenches of Internet traffic. Hackers, spammers and Internet abuse. IP address database. DNS sightings. Views and opinions expressed are my own. ~ Teri Radichel @teriradichel
Sunday, June 29, 2014
Target Breach and releated POS Breach Articles
Articles about the target breach:
Overview:
http://www.businessinsider.com/target-credit-card-hackers-2013-12
Overview:
http://www.businessinsider.com/target-credit-card-hackers-2013-12
Number of cards updated to 70 million
http://mobile.eweek.com/security/target-data-breach-affected-70m-much-more-than-earlier-estimates.html
Timeline:
http://www.ibtimes.com/timeline-targets-data-breach-aftermath-how-cybertheft-snowballed-giant-retailer-1580056
Missed alerts:
http://www.npr.org/2014/03/13/289836952/report-target-missed-its-chance-to-prevent-data-breach
Human considerations:
http://www.eweek.com/security/preventing-targets-troubles-locking-the-door-against-data-breaches.html
Federal lawsuit
http://www.nationaljournal.com/tech/senate-report-target-could-have-prevented-massive-hack-20140325
Removal of corporate officers:
http://www.insidecounsel.com/2014/05/30/inadequate-data-breach-preparation-response-should
CISO should report to CEO
http://www.computerworld.com/s/article/9249129/Target_top_security_officer_reporting_to_CIO_seen_as_a_mistake
Target CEO Resignation Due To Security Issues
http://www.csoonline.com/article/2151381/cyber-attacks-espionage/target-ceo-resignation-highlights-cost-of-security-blunders.html
Cards Sold on Black Market
http://www.tripwire.com/state-of-security/vulnerability-management/how-stolen-target-credit-cards-are-used-on-the-black-market/
Started with an Email attack against HVAC vendor
http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target/
Ward Off POS Attacks
http://www.retailgazette.co.uk/articles/32114-how-to-ward-off-pos-cyber-security-attacksd
Chip Cards to Prevent Credit Card Information Loss
http://www.northjersey.com/news/business/a-chip-on-the-old-card-1.1039445
Talent in Hacking, Not Security
http://wallstcheatsheet.com/technology/cyber-crime-why-is-all-the-talent-in-hacking-and-not-in-security.html/?a=viewall
EMV (Chip and Pin) credit cards alone cannot protect data http://www.finextra.com/blogs/fullblog.aspx?blogid=9491
Car Washes had PC Anywhere installed on computers. End of life by Symantec, not used in years.
http://nakedsecurity.sophos.com/2014/06/25/carwash-pos-systems-hacked-credit-card-data-drained/
Tips for Protecting Point of Sale (POS) systems
http://www.lexology.com/library/detail.aspx?g=edac3d96-7d0a-4d70-87b1-966ba3fcc5c7
Small business & mobile POS
http://www.smallbusinesscomputing.com/biztools/small-business-mobile-point-of-sale-systems-the-pros-cons.html
Protecting POS systems
http://www.darkreading.com/attacks-breaches/tech-insight-defending-point-of-sale-systems/d/d-id/1141214?
Separate VLANs
http://www.darkreading.com/attacks-breaches/back-to-basics/d/d-id/1269436
Timeline:
http://www.ibtimes.com/timeline-targets-data-breach-aftermath-how-cybertheft-snowballed-giant-retailer-1580056
Missed alerts:
http://www.npr.org/2014/03/13/289836952/report-target-missed-its-chance-to-prevent-data-breach
Human considerations:
http://www.eweek.com/security/preventing-targets-troubles-locking-the-door-against-data-breaches.html
Federal lawsuit
http://www.nationaljournal.com/tech/senate-report-target-could-have-prevented-massive-hack-20140325
Removal of corporate officers:
http://www.insidecounsel.com/2014/05/30/inadequate-data-breach-preparation-response-should
CISO should report to CEO
http://www.computerworld.com/s/article/9249129/Target_top_security_officer_reporting_to_CIO_seen_as_a_mistake
Target CEO Resignation Due To Security Issues
http://www.csoonline.com/article/2151381/cyber-attacks-espionage/target-ceo-resignation-highlights-cost-of-security-blunders.html
Cards Sold on Black Market
http://www.tripwire.com/state-of-security/vulnerability-management/how-stolen-target-credit-cards-are-used-on-the-black-market/
Started with an Email attack against HVAC vendor
http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target/
Ward Off POS Attacks
http://www.retailgazette.co.uk/articles/32114-how-to-ward-off-pos-cyber-security-attacksd
Chip Cards to Prevent Credit Card Information Loss
http://www.northjersey.com/news/business/a-chip-on-the-old-card-1.1039445
Talent in Hacking, Not Security
http://wallstcheatsheet.com/technology/cyber-crime-why-is-all-the-talent-in-hacking-and-not-in-security.html/?a=viewall
EMV (Chip and Pin) credit cards alone cannot protect data http://www.finextra.com/blogs/fullblog.aspx?blogid=9491
Car Washes had PC Anywhere installed on computers. End of life by Symantec, not used in years.
http://nakedsecurity.sophos.com/2014/06/25/carwash-pos-systems-hacked-credit-card-data-drained/
Tips for Protecting Point of Sale (POS) systems
http://www.lexology.com/library/detail.aspx?g=edac3d96-7d0a-4d70-87b1-966ba3fcc5c7
Small business & mobile POS
http://www.smallbusinesscomputing.com/biztools/small-business-mobile-point-of-sale-systems-the-pros-cons.html
Protecting POS systems
http://www.darkreading.com/attacks-breaches/tech-insight-defending-point-of-sale-systems/d/d-id/1141214?
Separate VLANs
http://www.darkreading.com/attacks-breaches/back-to-basics/d/d-id/1269436
VLANs vs Subnets
http://websitenotebook.blogspot.com/2014/06/vlans-vs-subnets.html?m=1
PCI is not enough, POS Malware kits, warnings and auditing software ignored or shut off
http://www.computing.co.uk/ctg/feature/2348267/too-open-for-business
FBI warns of more retail attacks
http://www.reuters.com/article/2014/01/23/us-target-databreach-fbi-idUSBREA0M1UF20140123
Hackers that wrote the malware
http://www.startribune.com/business/243125731.html#ZMDJ1wAuHohOSl87.97
Memory scraping malware
http://www.csoonline.com/article/2359441/data-protection/criminals-seeking-more-buyers-with-all-in-one-malware.html
http://www.darkreading.com/attacks-and-breaches/target-breach-8-facts-on-memory-scraping-malware/d/d-id/1113440
http://nakedsecurity.sophos.com/2013/07/16/a-look-at-point-of-sale-ram-scraper-malware-and-how-it-works/
http://krebsonsecurity.com/2014/01/a-first-look-at-the-target-intrusion-malware/
http://threatpost.com/ram-scraper-malware-a-threat-to-point-of-sale-systems
http://volatility-labs.blogspot.com/2014/01/comparing-dexter-and-blackpos-target.html
PCI is not enough, POS Malware kits, warnings and auditing software ignored or shut off
http://www.computing.co.uk/ctg/feature/2348267/too-open-for-business
FBI warns of more retail attacks
http://www.reuters.com/article/2014/01/23/us-target-databreach-fbi-idUSBREA0M1UF20140123
Hackers that wrote the malware
http://www.startribune.com/business/243125731.html#ZMDJ1wAuHohOSl87.97
Memory scraping malware
http://www.csoonline.com/article/2359441/data-protection/criminals-seeking-more-buyers-with-all-in-one-malware.html
http://www.darkreading.com/attacks-and-breaches/target-breach-8-facts-on-memory-scraping-malware/d/d-id/1113440
http://nakedsecurity.sophos.com/2013/07/16/a-look-at-point-of-sale-ram-scraper-malware-and-how-it-works/
http://krebsonsecurity.com/2014/01/a-first-look-at-the-target-intrusion-malware/
http://threatpost.com/ram-scraper-malware-a-threat-to-point-of-sale-systems
http://volatility-labs.blogspot.com/2014/01/comparing-dexter-and-blackpos-target.html
ICMP
http://www.commerce.senate.gov/public/?a=Files.Serve&File_id=24d3c229-4f2f-405d-b8db-a3a67f183883
More...
CISO should report to CEO
http://www.computerworld.com/s/article/9249129/Target_top_security_officer_reporting_to_CIO_seen_as_a_mistake
Cards Sold on Black Market
http://www.tripwire.com/state-of-security/vulnerability-management/how-stolen-target-credit-cards-are-used-on-the-black-market/
Ward Off POS Attacks
http://www.retailgazette.co.uk/articles/32114-how-to-ward-off-pos-cyber-security-attacksd
Chip Cards to Prevent Credit Card Information Loss
http://www.northjersey.com/news/business/a-chip-on-the-old-card-1.1039445
More...
People
PCI Compliance
Target.com
NEW CISO
Joined Financial Information
Sharing Center
https://www.fsisac.com/
What has done to prevent
Waiting for a major problem before
taking action:
Chip and Pin Solution
Articles about the target breach and related:
Overview:
http://www.businessinsider.com/target-credit-card-hackers-2013-12
Human considerations:
http://www.eweek.com/security/preventing-targets-troubles-locking-the-door-against-data-breaches.html
Overview:
http://www.businessinsider.com/target-credit-card-hackers-2013-12
Human considerations:
http://www.eweek.com/security/preventing-targets-troubles-locking-the-door-against-data-breaches.html
Attacks on key employees
CISO should report to CEO
http://www.computerworld.com/s/article/9249129/Target_top_security_officer_reporting_to_CIO_seen_as_a_mistake
Cards Sold on Black Market
http://www.tripwire.com/state-of-security/vulnerability-management/how-stolen-target-credit-cards-are-used-on-the-black-market/
Ward Off POS Attacks
http://www.retailgazette.co.uk/articles/32114-how-to-ward-off-pos-cyber-security-attacksd
Chip Cards to Prevent Credit Card Information Loss
http://www.northjersey.com/news/business/a-chip-on-the-old-card-1.1039445
EMV (Chip and Pin) credit cards
alone cannot protect data http://www.finextra.com/blogs/fullblog.aspx?blogid=9491
Talent in Hacking, Not Security
http://wallstcheatsheet.com/technology/cyber-crime-why-is-all-the-talent-in-hacking-and-not-in-security.html/?a=viewall
Car Washes had PC Anywhere installed on computers. End of life by Symantec, not used in years.
http://nakedsecurity.sophos.com/2014/06/25/carwash-pos-systems-hacked-credit-card-data-drained/
Tips for Protecting Point of Sale (POS) systems
http://www.lexology.com/library/detail.aspx?g=edac3d96-7d0a-4d70-87b1-966ba3fcc5c7
Small business & mobile POS
http://www.smallbusinesscomputing.com/biztools/small-business-mobile-point-of-sale-systems-the-pros-cons.html
Protecting POS systems
http://www.darkreading.com/attacks-breaches/tech-insight-defending-point-of-sale-systems/d/d-id/1141214?
Talent in Hacking, Not Security
http://wallstcheatsheet.com/technology/cyber-crime-why-is-all-the-talent-in-hacking-and-not-in-security.html/?a=viewall
Car Washes had PC Anywhere installed on computers. End of life by Symantec, not used in years.
http://nakedsecurity.sophos.com/2014/06/25/carwash-pos-systems-hacked-credit-card-data-drained/
Tips for Protecting Point of Sale (POS) systems
http://www.lexology.com/library/detail.aspx?g=edac3d96-7d0a-4d70-87b1-966ba3fcc5c7
Small business & mobile POS
http://www.smallbusinesscomputing.com/biztools/small-business-mobile-point-of-sale-systems-the-pros-cons.html
Protecting POS systems
http://www.darkreading.com/attacks-breaches/tech-insight-defending-point-of-sale-systems/d/d-id/1141214?
VLANs vs Subnets
http://websitenotebook.blogspot.com/2014/06/vlans-vs-subnets.html?m=1
PCI is not enough, POS Malware kits, warnings and auditing software ignored or shut off
http://www.computing.co.uk/ctg/feature/2348267/too-open-for-business
FBI warns of more retail attacks
http://www.reuters.com/article/2014/01/23/us-target-databreach-fbi-idUSBREA0M1UF20140123
Hackers that wrote the malware
http://www.startribune.com/business/243125731.html#ZMDJ1wAuHohOSl87.97
Memory scraping malware
http://www.csoonline.com/article/2359441/data-protection/criminals-seeking-more-buyers-with-all-in-one-malware.html
http://www.darkreading.com/attacks-and-breaches/target-breach-8-facts-on-memory-scraping-malware/d/d-id/1113440
http://nakedsecurity.sophos.com/2013/07/16/a-look-at-point-of-sale-ram-scraper-malware-and-how-it-works/
http://threatpost.com/ram-scraper-malware-a-threat-to-point-of-sale-systems
http://volatility-labs.blogspot.com/2014/01/comparing-dexter-and-blackpos-target.html
PCI is not enough, POS Malware kits, warnings and auditing software ignored or shut off
http://www.computing.co.uk/ctg/feature/2348267/too-open-for-business
FBI warns of more retail attacks
http://www.reuters.com/article/2014/01/23/us-target-databreach-fbi-idUSBREA0M1UF20140123
Hackers that wrote the malware
http://www.startribune.com/business/243125731.html#ZMDJ1wAuHohOSl87.97
Memory scraping malware
http://www.csoonline.com/article/2359441/data-protection/criminals-seeking-more-buyers-with-all-in-one-malware.html
http://www.darkreading.com/attacks-and-breaches/target-breach-8-facts-on-memory-scraping-malware/d/d-id/1113440
http://nakedsecurity.sophos.com/2013/07/16/a-look-at-point-of-sale-ram-scraper-malware-and-how-it-works/
http://threatpost.com/ram-scraper-malware-a-threat-to-point-of-sale-systems
http://volatility-labs.blogspot.com/2014/01/comparing-dexter-and-blackpos-target.html
POS security:
Net diagram - hunch
Subscribe to:
Posts (Atom)