Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Target Compromised Via Its HVAC Contractor's Network Credentials
Newest First  |  Oldest First  |  Threaded View
shjacks55
50%
50%
shjacks55,
User Rank: Apprentice
3/7/2014 | 5:20:04 AM
re: Target Compromised Via Its HVAC Contractor's Network Credentials
Fazio wasn't involved in Nieman Marcus exploit. The skeptic in me sees Fazio as misdirection "bread crumbs".
shjacks55
50%
50%
shjacks55,
User Rank: Apprentice
3/7/2014 | 5:18:33 AM
re: Target Compromised Via Its HVAC Contractor's Network Credentials
All the major retailer use Software Automation to push updates from the corporate data center to the individual store servers to the POS equipment. Although many block ports (e.g. 3389), the ability of the corporate data center to manage machines remotely always allows access. Corporations (run by managers) place more emphasis on loss prevention by low level employees and customers than the great magnifying effect of errors by upper management.
cyannella
50%
50%
cyannella,
User Rank: Apprentice
2/13/2014 | 10:06:38 PM
re: Target Compromised Via Its HVAC Contractor's Network Credentials
Anyone at Target ever hear of vlans? Lets just put the entire stores networked devices on one connected switch said no one ever. Probably had the hvac, lrt's, pdt's, registers, workstations, store servers all on one network. Dumb. AP's camera systems are probably all tied in there too. Dumb.
AccessServices
50%
50%
AccessServices,
User Rank: Apprentice
2/10/2014 | 7:34:40 PM
re: Target Compromised Via Its HVAC Contractor's Network Credentials
I agree with problem identified with putting chips in credit cards. Has anyone thought about using PKI from the card to the bank? So my card has a pubic and private certificate inside of it. I would connect the card to the merchant's reader where an encrypted tunnel would be built between the reader and the bank. The PAN and PIN would be sent over this tunnel encrypted. The merchant would only see a response from the bank that the transaction was approved. The only audit would be on the readers. This model breaks down for online purchases where card holders could either purchase home readers or banks would use cell phones or email for two factor authentication.


News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32094
PUBLISHED: 2021-05-07
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.
CVE-2021-32095
PUBLISHED: 2021-05-07
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete arbitrary files.
CVE-2021-32096
PUBLISHED: 2021-05-07
The ConsoleAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code (for an eval call) via the CONSOLE_COMMAND_STRING parameter.
CVE-2021-32098
PUBLISHED: 2021-05-07
Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization.
CVE-2021-32099
PUBLISHED: 2021-05-07
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.