Forgot your password?
typodupeerror
Security

Target Confirms Point-of-Sale Malware Was Used In Attack 250

Posted by samzenpus
from the weapon-of-choice dept.
wiredmikey writes "According to Target Chairman and CEO Gregg Steinhafel, point-of-sale (POS) malware was used in the recent attack that compromised millions of credit and debit card account numbers of customers across the country. Steinfhafel told CNBC's Becky Quick in an interview that malware was used in attacks that compromised the company's point of sale registers. According to a report from Reuters, Target and Neiman Marcus may not be alone, as other popular U.S. retailers may have been breached during the busy the holiday shopping season. According sources who spoke to Reuters, attackers used RAM scraper, or Memory parser malware to steal sensitive data from Target and other retail victims. Visa issued alerts about attacks utilizing these types of malware in April 2013 and again in August 2013. Memory parser malware targets payment card data being processed 'in the clear' (unencrypted) in a system's random access memory (RAM). 'The malware is configured to hook into a payment application binary responsible for processing payment transactions and extracts the systems memory for full track data,' Visa explained in a security advisory."

Comment: Passwords are intened to keep people out (Score 1) 599

by teknosapien (#45347551) Attached to: Withhold Passwords From Your Employer, Go To Jail?

As was stated - The new employee was not that technically savvy,according to Childs - so what would cause more damage, giving the password to a person that probably has no clue as to what they are doing and with root access to all of your systems(remembering that these are 911 systems that at the time were working) - or vetting the person out and ensuring that they understood how the system worked.

As for a private company, My CIO asked for the admin password for our systems, once - I refused based on his qualifications - we passed our SOX security audit.

An important thing to remember that security audits also include social networking - so holding out for the mayor to release the passwords to him, in my estimation was the correct thing to do.

Comment: So like slashdotters to miss the point (Score 1) 204

by teknosapien (#43890141) Attached to: WY Teen Cut From Science Fair For Entering Too Many

I believe that the point is that this kid is so into science that he was penalized for actually using his mind and entering science fairs. A lot of them. Guess they think he should be on the street corner selling or doing drugs instead

I wonder if this is the same brilliant kid that gave the Ted talk a while ago on a break through of nuke tech

You are always doing something marginal when the boss drops by your desk.

Working...