POS

SSCC161 - What do you mean, "Trade him for Edward Snowden"? [PODCAST]

Here's the latest Chet Chat security podcast!

Sophos experts Chester Wisniewski and Paul Ducklin once again turn plain old news into advice you can use.

The data breach apocalypse that wasn't - 60 Sec Security [VIDEO]

Malware, spam and hacking - and not all bad news, either!

Watch 60 Second Security for Aug 9, 2014...

SSCC 159 - What can we learn from the "honeybot"? [PODCAST]

For your listening pleasure!

Here's this week's episode of the Sophos Security Chet Chat podcast...

Bad passwords on PoS terminals lead to card stealing Backoff malware

This time the crooks are distributing their point-of-sale malware through remote control applications like Microsoft's RDP. No exploits, no social engineering, just good, old-fashioned password guessing.

Monday review - the hot 22 stories of the week

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Remote access breach via POS system sparks yet more consumer data leak fears

A US supplier of point-of-sale (POS) equipment has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to steal payment data.

Carwash POS systems hacked, credit card data drained

Police in the US state of Massachusetts have busted what they say is a gang of thieves who were buying stolen credit cards and using them to buy gift cards that were then sometimes exhausted of their balance, washed clean of data and reloaded with more stolen credit card data.

Data-drained Target hurries to adopt chip-and-PIN cards

The US has been dragging its heels on the expensive, laborious task of swapping its payment infrastructure for the more secure chip-and-PIN security used abroad. Still smarting from recent data theft, Target's now apparently leading the way, promising the new cards in 2015.

Target missed multiple warnings that credit card data breach was underway

Target's sophisticated security system went on full alert after detecting malware on the company’s network on 30 November last year and could have prevented the theft of 40 million credit and debit card numbers a few days later, according to a new report.

Target told to carry out security review just months before breach

Former employees and others familiar with the breach investigation said at least one analyst recommended a thorough security review prior to Target's upgrading its payment system. Did the review actually happen, or was it lost in the cacophony of warnings security teams and government agencies constantly put forth?

Credit and debit card fraud targets US hotel guests

White Lodging runs businesses such as gift shops and restaurants within big US hotel brands. Guests at one of those hotel brands, Marriott, are advised to check their card statements following the discovery of a 9-month-long card suctioning operation.

Craft store Michaels faces second credit card compromise in 3 years

The largest craft supply store in North America, Michaels, has indicated it may be the latest retail company to have credit cards compromised in a large scale malware attack.

Europol and Canadian cops round up POS terminal tampering gang

Pan-European law enforcement agency Europol has announced the take-down of a global gang of cybercrooks thought to be responsible for compromising POS terminals in Europe and North America, netting 30,000 sets of card details.

NASA hack blunder, doxer jailed, PAYE cybercrime, $20k iPhone prize - 60 Sec Security [VIDEO]

Why did Brazilian hackers target NASA? What happens to doxers? How much does it cost to get started in card skimming? And how much is a copy of your fingerprint worth?

Watch 60 Second Security and find out!

Cybercrooks can buy hacked POS device and money-laundering bundle for $2,000

The bundles are one-stop shops for point of sale fraud, including a rigged reader, a network of grey merchants who'll transform ill-gotten goods into cash, and various purchase options. The only missing ingredient: a larcenous waiter or store clerk.

Monday review - the hot 21 stories of the week

It's weekly roundup time. Here's all the great stuff we've written in the past seven days.

California duo charged with selling ready-to-hack Point-of-Sale systems to Subway branches

A pair of former Subway franchisees from California have been charged with cyberfraud against their former fellows.

The DoJ alleges they sold pre-compromised PoS systems that allowed them to plunder gift card credits from afar...

Point-of-Sale malware attacks – crooks expand their reach, no business too small

SophosLabs has been tracking a set of incidents involving Point-of-Sale malware.

The crooks have added a few tricks over the last 15 months.

Find out what's new, and why no business can "fly under the radar" of cybercrime...

Point of sale devices and Canadian banks targeted by Citadel malware variant

A new variant of the prevalent Citadel crimeware kit has been discovered to target Point of Sale (POS) devices. Find out more, in this analysis from SophosLabs expert James Wyke.

Thieves rig Barnes & Noble PIN pads to steal credit card data

Hackers tampered with point-of-sale terminals at 63 bookstores to hijack customers' credit card and PIN information.

Keep an eye on your statements and watch for unauthorised transactions.