point of sale

(get it in RSS or Atom)

Trump Hotel chain investigates potential payment card breach

Trump Hotel Properties investigates breach claims

Credit card hackers are said to have targeted a number of hotels, possibly as far back as February 2015.

Retailers are "overconfident" about their security, majority have fundamental gaps

Checkout. Image courtesy of Shutterstock.

Happy holidays! Lots of us are shopping away, but a new report finds that retailers aren't doing enough to keep impish cyber crooks out of our business.

It's only logical - the BIGGER the bank, the BIGGER the breach! 60 Sec Security [VIDEO]

Here's the latest 60 Second Security for your viewing pleasure.

News, advice, opinion and research - and it only takes a minute...

Point-of-Sale vendor loses password, causes breaches at 324 US restaurants

In its own words, a US point-of-sale vendor "acts to Block Payment Card Security Incident."

Bit late for the 324 restaurants that were breached for between 3 days and 3 months in the incident...

Home Depot says, "Er, yes, we did have a breach actually"‏

Home Depot

Just how big and bad it will turn out to be is still unknown...all we know so far is that Home Depot has officially confirmed that, yes, there was indeed a breach.

SSCC161 - What do you mean, "Trade him for Edward Snowden"? [PODCAST]

Here's the latest Chet Chat security podcast!

Sophos experts Chester Wisniewski and Paul Ducklin once again turn plain old news into advice you can use.

US won't release Russian MP's son being held on PoS hacking charges

US won't release Russian MP's son being held on PoS hacking charges

A US federal court has refused to release Roman Seleznev, arrested in the Maldives under suspicion of rigging retail PoS systems to rip off credit card details. Prosecutors say he was caught with over 2 million stolen cards on his laptop and that he'd been searching the US federal court electronic filing system for charges against him.

SSCC 159 - What can we learn from the "honeybot"? [PODCAST]

For your listening pleasure!

Here's this week's episode of the Sophos Security Chet Chat podcast...

Bad passwords on PoS terminals lead to card stealing Backoff malware


This time the crooks are distributing their point-of-sale malware through remote control applications like Microsoft's RDP. No exploits, no social engineering, just good, old-fashioned password guessing.

SSCC 155 - cybercrime bust, cloud laws, phishing and malware back from extinction [PODCAST]

In this episode, Sophos experts John Shier and Paul Ducklin tackle the week's interesting security stories.

John and Duck get stuck into: a high-profile cybercrime arrest; how mainstream brands help phishers; and why macro malware is making a comeback.

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

The Russian man's father conjectures that, for all he knows, this may be a ploy for the US to get bait to exchange for Snowden.

Remote access breach via POS system sparks yet more consumer data leak fears

Remote access breach via POS system sparks yet more consumer data leak fears

A US supplier of point-of-sale (POS) equipment has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to steal payment data.

Credit and debit card fraud targets US hotel guests

PoS breaches target US hotel guests

White Lodging runs businesses such as gift shops and restaurants within big US hotel brands. Guests at one of those hotel brands, Marriott, are advised to check their card statements following the discovery of a 9-month-long card suctioning operation.

Target says hackers got in by using a vendor's credentials

Target says hackers got in through a vendor

The company has reportedly shut down remote access to at least two internal systems: one for HR and one for suppliers. And yes, the DOJ is investigating this, one of the biggest breaches of all time.

FBI warns of crimewave hitting cash registers

FBI warns of crimewave hitting cash registers

The US Federal Bureau of Investigations (FBI) has warned retailers to harden their defences against cyber-heists - particularly those that latch onto credit card details from shoppers

Europol and Canadian cops round up POS terminal tampering gang

Europol and Canadian cops round up POS terminal tampering gang

Pan-European law enforcement agency Europol has announced the take-down of a global gang of cybercrooks thought to be responsible for compromising POS terminals in Europe and North America, netting 30,000 sets of card details.

Cybercrooks can buy hacked POS device and money-laundering bundle for $2,000

PoS breaches target US hotel guests

The bundles are one-stop shops for point of sale fraud, including a rigged reader, a network of grey merchants who'll transform ill-gotten goods into cash, and various purchase options. The only missing ingredient: a larcenous waiter or store clerk.

Monday review - the hot 21 stories of the week

Monday review

Catch up with everything we've written in the last seven days - it's weekly roundup time.

Small businesses beware! Point-of-sale malware is after you


Malware targeting point-of-sale (POS) systems has been a major trend for the last six months. With easy pickings to be had from mom-and-pop shops, this pattern is only going to grow until people start fighting back with better system security, and ideally better payment card systems.

Virus Bulletin's Technical Director John Hawes takes a look....

California duo charged with selling ready-to-hack Point-of-Sale systems to Subway branches

A pair of former Subway franchisees from California have been charged with cyberfraud against their former fellows.

The DoJ alleges they sold pre-compromised PoS systems that allowed them to plunder gift card credits from afar...