Sunday, June 29, 2014

Target Breach and releated POS Breach Articles

Articles about the target breach:


Number of cards updated to 70 million


Missed alerts:

Human considerations:

Federal lawsuit

Removal of corporate officers:

CISO should report to CEO

Target CEO Resignation Due To Security Issues

Cards Sold on Black Market

Started with an Email attack against HVAC vendor

Ward Off POS Attacks

Chip Cards to Prevent Credit Card Information Loss

Talent in Hacking, Not Security

EMV (Chip and Pin) credit cards alone cannot protect data

Car Washes had PC Anywhere installed on computers. End of life by Symantec, not used in years.

Tips for Protecting Point of Sale (POS) systems

Small business & mobile POS

Protecting POS systems

Separate VLANs

VLANs vs Subnets

PCI is not enough, POS Malware kits, warnings and auditing software ignored or shut off

FBI warns of more retail attacks

Hackers that wrote the malware

Memory scraping malware











PCI Compliance                                                                                                          




Joined Financial Information Sharing Center


What has done to prevent


Waiting for a major problem before taking action:


Chip and Pin Solution




Attacks on key employees


VLANs vs Subnets


POS security:



Net diagram - hunch