More news and details out on the Target Breach…and even more POS malware attacks go public…
- ForSec News SuperPost - GSD post that covers the initial Target breach news.
- POS attack - a bit more now known - GSD post that went into more detail.
- Target not the only one wearing a target apparently… - One’s company, two is a crowd, and even more mean an industry-wide issue.
So new this week:
- New Clues in the Target Breach — Krebs on Security
- Target Hackers Broke in Via HVAC Company — Krebs on Security
- Email Attack on Vendor Set Up Breach at Target — Krebs on Security
- Target hackers may have exploited backdoor in widely used server software - Ars Technica
- Target traces security breach to stolen vendor credentials - ZDNet
- How hackers stole millions of credit card records from Target - ZDNet
…and it just continues like wildfire for others…
- Hotel Franchise Firm White Lodging Investigates Breach — Krebs on Security
- RSA Uncovers New POS Malware Operation Stealing Payment Card & Personal Information - Speaking of Security - The RSA Blog and Podcast
- More card-stealing malware found - ZDNet
Some technical details for the curious…
- Meet “ChewBacca,” the point-of-sale malware that infected dozens of retailers - Ars Technica
- These Guys Battled BlackPOS at a Retailer — Krebs on Security
- What the future of purchasing might look like - Malwarebytes Unpacked
- Payments experts assure Senate that swipe-and-sign cards will disappear in 2015 - Ars Technica
…and with some “perspective” tossed in for dessert.