Target Breach: 5 Unanswered Security Questions

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

<< < Page 2 / 2

50%

rradina,
User Rank: Apprentice
1/22/2014 | 8:47:46 PM

Re: PIN numbers

Based soley on how the RAM scraping works, stealing the PIN codes is certainly possible if they were transmitted from the pin pad to an infected system. I too read they were encrypted but I don't know if that was fact or damage control to prevent panic.

I don't know if we would know by now. The criminals could be waiting for a future opportunity. Right now this is highly publicized. If I had millions of valid cards, I'd would think using them in an "Office Space" manner (Superman 2, Richard Pryor stealing fractional pennies) would be lucrative and potentially repeatable for a long duration. Better to stay below the radar by adding a $5.13 charge from Starbuks (pun intended) to millions of accounts...

Reply | Post Message | Messages List | Start a Board

50%

Shane M. O'Neill,
User Rank: Apprentice
1/22/2014 | 6:30:04 PM

PIN numbers

I'm curious about PIN numbers for debit cards. Target said PIN numbers were taken in the breach, but that the numbers were encrypted. And that claim has not backfired as far as I know.

Do we know if encrypted PIN numbers can be accessed when BlackPOS malware is running on the POS device and/or the payment servers? I guess if stolen PIN numbers were being exploited we would know by now.

Reply | Post Message | Messages List | Start a Board

50%

rradina,
User Rank: Apprentice
1/22/2014 | 4:23:17 PM

Exploiting Payment Servers vs. POS Controllers

"Exploited payment servers not POS systems, not store controllers running Windows..."

Isn't BlackPOS Windows malware? At least I thought it was. Perhaps I'm mistaken. If it is Windows malware, what difference does it make that they didn't compromise POS systems or store controllers running Windows? Either way they still compromised Windows.

I guess it's probably worse if they compromised payment servers since by design, they should be even more critically protected than an individual POS as they are a much higher value target.

Reply | Post Message | Messages List | Start a Board

<< < Page 2 / 2

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 5/27/2020

The Problem with Artificial Intelligence in Security

Dr. Leila Powell, Lead Security Data Scientist, Panaseer, 5/26/2020

How an Industry Consortium Can Reinvent Security Solution Testing

Henry Harrison, Co-founder & Chief Technology Officer, Garrison, 5/21/2020

Webinars

IT Automation: Scaling to the Future

How Secure is Your Azure Cloud Security Environment?

Thinking Like an Attacker: Strategies for Defense

Webinar Archives

White Papers

3 Reasons Why Your Remote Workforce is Vulnerable

Security Intelligence: Driving Security From Analytics to Action

Global Application and Network Security Report

2020 Security Trends to Watch

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I read online that Anthrax kills Coronavirus, so I made my own spray. Hope you don't mind.

Cartoon Archive

Current Issue

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.

Download Now!

State of Cybersecurity Incident Response

0 comments

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-11059
PUBLISHED: 2020-05-27

In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. This has been fixed in 21.10.1.

CVE-2020-10936
PUBLISHED: 2020-05-27

Sympa before 6.2.56 allows privilege escalation.

CVE-2020-6774
PUBLISHED: 2020-05-27

Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system.

CVE-2020-13633
PUBLISHED: 2020-05-27

Fork before 5.8.3 allows XSS via navigation_title or title.

CVE-2020-10945
PUBLISHED: 2020-05-27

Centreon before 19.10.7 exposes Session IDs in server responses.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]