[Noisebridge-discuss] Target's data breach.

Norman Bradley pryankster at gmail.com
Mon Jan 13 14:13:51 UTC 2014


The data breach at Target stores is getting more and more interesting. 
What is coming out is that they were following the industry standards 
for encryption and data security. Some how the bad guys managed to get a 
"RAM Scraper" between the device that you slide your card through and 
the register where the data is encrypted. This had the effect of setting 
up all of their PoS registers as a specialized bot-net.

Just on the news Target has joined Abode and Sony in the 100 million 
plus club.

Sophos has a couple of articles on the situation:

http://nakedsecurity.sophos.com/2014/01/13/target-admits-there-was-malware-on-our-point-of-sale-registers/
and
http://nakedsecurity.sophos.com/2013/07/16/a-look-at-point-of-sale-ram-scraper-malware-and-how-it-works/

-- 
You are entitled to your own opinion.
You are NOT entitled to your own facts.

Norman



More information about the Noisebridge-discuss mailing list