![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneThe only good thing to say is that it appears that they have done the sensible thing of isolating their corporate network from their payment terminal network. The penetration happened approximately six months ago but was just detected in January. They're in the process of investigating and cleaning up their act.
Target, when they were hacked a few years ago, had not separated their network. Testers were able to access 2,000 cash registers by compromising a digital scale at a deli counter.
The sad thing is that almost all initial infections that lead to these breaches can be avoided by one thing: do not give users administrator access to their computers! There is no good reason why they should, and if you have software that requires admin to run, then you need to hold the vendor's feet to the fire and force them to fix their bad code so it does not!
The other is for Microsoft to get off their butt and fix their stupid macro system! Macros hidden in Word document and Excel spreadsheets is how most of these infections get started. This article has an excellent example: email received by a hotel that says we have a dozen people arriving for a week and this document contains the specifications of the rooms that we need. No hotel is going to hesitate opening a document that promises booking a dozen rooms for multiple days. Apparently the scammers will go to the trouble of creating a web site to add verisimilitude so that the email doesn't arrive from a Gmail account. It all looks above board, so why not open the email?
https://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/
Target, when they were hacked a few years ago, had not separated their network. Testers were able to access 2,000 cash registers by compromising a digital scale at a deli counter.
The sad thing is that almost all initial infections that lead to these breaches can be avoided by one thing: do not give users administrator access to their computers! There is no good reason why they should, and if you have software that requires admin to run, then you need to hold the vendor's feet to the fire and force them to fix their bad code so it does not!
The other is for Microsoft to get off their butt and fix their stupid macro system! Macros hidden in Word document and Excel spreadsheets is how most of these infections get started. This article has an excellent example: email received by a hotel that says we have a dozen people arriving for a week and this document contains the specifications of the rooms that we need. No hotel is going to hesitate opening a document that promises booking a dozen rooms for multiple days. Apparently the scammers will go to the trouble of creating a web site to add verisimilitude so that the email doesn't arrive from a Gmail account. It all looks above board, so why not open the email?
https://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/
