point of sale

(get it in RSS or Atom)

Home Depot says, "Er, yes, we did have a breach actually"‏

Home Depot

Just how big and bad it will turn out to be is still unknown...all we know so far is that Home Depot has officially confirmed that, yes, there was indeed a breach.

SSCC161 - What do you mean, "Trade him for Edward Snowden"? [PODCAST]

chet-chat-logo-featured-250

Here's the latest Chet Chat security podcast!

Sophos experts Chester Wisniewski and Paul Ducklin once again turn plain old news into advice you can use.

US won't release Russian MP's son being held on PoS hacking charges

US won't release Russian MP's son being held on PoS hacking charges

A US federal court has refused to release Roman Seleznev, arrested in the Maldives under suspicion of rigging retail PoS systems to rip off credit card details. Prosecutors say he was caught with over 2 million stolen cards on his laptop and that he'd been searching the US federal court electronic filing system for charges against him.

SSCC 159 - What can we learn from the "honeybot"? [PODCAST]

chet-chat-logo-featured-250

For your listening pleasure!

Here's this week's episode of the Sophos Security Chet Chat podcast...

Bad passwords on PoS terminals lead to card stealing Backoff malware

MS-RDP250

This time the crooks are distributing their point-of-sale malware through remote control applications like Microsoft's RDP. No exploits, no social engineering, just good, old-fashioned password guessing.

SSCC 155 - cybercrime bust, cloud laws, phishing and malware back from extinction [PODCAST]

chet-chat-logo-featured-250

In this episode, Sophos experts John Shier and Paul Ducklin tackle the week's interesting security stories.

John and Duck get stuck into: a high-profile cybercrime arrest; how mainstream brands help phishers; and why macro malware is making a comeback.

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

The Russian man's father conjectures that, for all he knows, this may be a ploy for the US to get bait to exchange for Snowden.

Remote access breach via POS system sparks yet more consumer data leak fears

Remote access breach via POS system sparks yet more consumer data leak fears

A US supplier of point-of-sale (POS) equipment has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to steal payment data.

Credit and debit card fraud targets US hotel guests

PoS breaches target US hotel guests

White Lodging runs businesses such as gift shops and restaurants within big US hotel brands. Guests at one of those hotel brands, Marriott, are advised to check their card statements following the discovery of a 9-month-long card suctioning operation.

Target says hackers got in by using a vendor's credentials

Target says hackers got in through a vendor

The company has reportedly shut down remote access to at least two internal systems: one for HR and one for suppliers. And yes, the DOJ is investigating this, one of the biggest breaches of all time.

FBI warns of crimewave hitting cash registers

FBI warns of crimewave hitting cash registers

The US Federal Bureau of Investigations (FBI) has warned retailers to harden their defences against cyber-heists - particularly those that latch onto credit card details from shoppers

Europol and Canadian cops round up POS terminal tampering gang

Europol and Canadian cops round up POS terminal tampering gang

Pan-European law enforcement agency Europol has announced the take-down of a global gang of cybercrooks thought to be responsible for compromising POS terminals in Europe and North America, netting 30,000 sets of card details.

Cybercrooks can buy hacked POS device and money-laundering bundle for $2,000

PoS breaches target US hotel guests

The bundles are one-stop shops for point of sale fraud, including a rigged reader, a network of grey merchants who'll transform ill-gotten goods into cash, and various purchase options. The only missing ingredient: a larcenous waiter or store clerk.

Monday review - the hot 21 stories of the week

Monday review

Catch up with everything we've written in the last seven days - it's weekly roundup time.

Small businesses beware! Point-of-sale malware is after you

shopping_lady_250

Malware targeting point-of-sale (POS) systems has been a major trend for the last six months. With easy pickings to be had from mom-and-pop shops, this pattern is only going to grow until people start fighting back with better system security, and ideally better payment card systems.

Virus Bulletin's Technical Director John Hawes takes a look....

California duo charged with selling ready-to-hack Point-of-Sale systems to Subway branches

A pair of former Subway franchisees from California have been charged with cyberfraud against their former fellows.

The DoJ alleges they sold pre-compromised PoS systems that allowed them to plunder gift card credits from afar...

Point-of-Sale malware attacks – crooks expand their reach, no business too small

pos-device-250

SophosLabs has been tracking a set of incidents involving Point-of-Sale malware.

The crooks have added a few tricks over the last 15 months.

Find out what's new, and why no business can "fly under the radar" of cybercrime...

Point of sale devices and Canadian banks targeted by Citadel malware variant

Point of sale devices and Canadian banks targeted by Citadel malware variant

A new variant of the prevalent Citadel crimeware kit has been discovered to target Point of Sale (POS) devices. Find out more, in this analysis from SophosLabs expert James Wyke.

Thieves rig Barnes & Noble PIN pads to steal credit card data

Thieves rig Barnes & Noble PIN pads to steal credit card data

Hackers tampered with point-of-sale terminals at 63 bookstores to hijack customers' credit card and PIN information.

Keep an eye on your statements and watch for unauthorised transactions.

Men plead guilty to $10 million Subway restaurant hack

Men plead guilty to $10 million Subway restaurant hack

Two men have pleaded guilty to their part in a multi-million dollar scheme which saw the point-of-sale computers of hundreds of Subway restaurant stores hacked into, and the details of customers' payment cards stolen.