Target Breach: 8 Facts On Memory-Scraping Malware

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

MarkSitkowski,
User Rank: Moderator
1/16/2014 | 6:28:29 PM

Target Breach

I posted this against another article, but I think it's important enough to repeat here.

Before the hackers damage another retailer, let me suggest a way of preventing this happening again. The benefit of this solution, originall designed for internet purchasing, is that it saves the credit card companies from having to invest in expensive EMV cards and, as a side benefit, a lost or stolen card will be useless to the thief. Also, very little modification needs to be made to the POS terminal. Further, the customer never sends his credit card details to the retailer, and the retailer's transaction records contain no usable information.
1. Remove all data from the credit card and its magnetic stripe, except for a simple User ID and, perhaps, the expiry date.
2. The credit card company installs a fraudproof authentication system, as described in www.designsim.com.au/What_is_SteelPlatez.ppsx, in its data centre.
3. The customer and retailer have accounts on the authentication system.
4. When the customer needs to make a purchase, he logs in to the authentication system belonging to the appropriate credit card company, giving his user ID and the amount of the purchase.
5. The retailer also logs in to the system, giving his merchant number, or User ID, and the customer's User ID (taken from the POS in use)
6. The credit card company knows the user's card number, so if he's been authenticated, it checks for a match with the retailer's submission.
7. If there's a match, it performs the usual checks for limits, expiry etc, issues an approval, pays the retailer etc.
Simple

Reply | Post Message | Messages List | Start a Board

50%

PaulS681,
User Rank: Apprentice
1/15/2014 | 7:30:13 PM

Re: Another reason...

Interesting concept. Paying with cash would make these POS machines obsolete however hackers would probably focus their efforts on financial institutions and hack you that way. I say that in jest as cards are not going away anytime soon but you make a good point.

Reply | Post Message | Messages List | Start a Board

50%

Mathew,
User Rank: Apprentice
1/15/2014 | 7:11:53 AM

Re: Another reason...

Indeed. The convenience factor of using a debit/credit card would also be offset by having to carefully review one's statement online every 24-48 hours for signs of abuse.

Reply | Post Message | Messages List | Start a Board

50%

Thomas Claburn,
User Rank: Ninja
1/14/2014 | 8:18:24 PM

Another reason...

...to pay with cash. I wonder what the relative risk of being robbed is compared to the risk of being hacked.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

Why Cyber-Risk Is a C-Suite Issue

Marc Wilczek, Digital Strategist & CIO Advisor, 11/12/2019

Black Hat Q&A: Hacking a '90s Sports Car

Black Hat Staff, , 11/7/2019

The Cold Truth about Cyber Insurance

Chris Kennedy, CISO & VP Customer Success, AttackIQ, 11/7/2019

Live Events

Webinars

[Video] Shaping the Future of IT CIO Lightning Series - Interop19

[Video] An (Ir)rational Approach to Interoperability - Interop19

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

Identifying Web Attack Indicators

Getting Started With Emerging Technologies

Modern Applications and Architectures Demand a New Web Application Firewall

4 Ways Developers Can Deliver Better Software Faster

Assessing Cybersecurity Risk in Today's Enterprise

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I think Bob has taken "Roleplay as an attacker", to a all new high...

Cartoon Archive

Current Issue

7 Threats & Disruptive Forces Changing the Face of Cybersecurity

This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Rethinking Enterprise Data Defense

Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.

Download Now!

Assessing Cybersecurity Risk in Today's Enterprise

0 comments

2019 Online Malware and Threats

0 comments

The State of IT Operations and Cybersecurity Operations

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-18954
PUBLISHED: 2019-11-14

Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious at...

CVE-2019-3640
PUBLISHED: 2019-11-14

Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity.

CVE-2019-3661
PUBLISHED: 2019-11-14

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.

CVE-2019-3662
PUBLISHED: 2019-11-14

Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests.

CVE-2019-3663
PUBLISHED: 2019-11-14

Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]