[Noisebridge-discuss] Target's data breach.
Norman Bradley
pryankster at gmail.com
Mon Jan 13 14:13:51 UTC 2014
The data breach at Target stores is getting more and more interesting.
What is coming out is that they were following the industry standards
for encryption and data security. Some how the bad guys managed to get a
"RAM Scraper" between the device that you slide your card through and
the register where the data is encrypted. This had the effect of setting
up all of their PoS registers as a specialized bot-net.
Just on the news Target has joined Abode and Sony in the 100 million
plus club.
Sophos has a couple of articles on the situation:
http://nakedsecurity.sophos.com/2014/01/13/target-admits-there-was-malware-on-our-point-of-sale-registers/
and
http://nakedsecurity.sophos.com/2013/07/16/a-look-at-point-of-sale-ram-scraper-malware-and-how-it-works/
--
You are entitled to your own opinion.
You are NOT entitled to your own facts.
Norman
More information about the Noisebridge-discuss
mailing list