Spearphishing Compromises Point of Sale Systems

FireEye has discovered how the point of sale systems of over 100 North American retail, restaurant and hospitality organizations were compromised. These compromised exposed payment card data to bad guys. In its report, Threat Actor Leverages Windows Zero-day Exploit in Payment Card Data Attacks, FireEye describes in great detail how two zero day exploits are used to steal the payment data.  The first exploit allows the attacker to escalate the attacker's system privileges. The second exploit allows the bad guy to steal data out of the memory of Point of Sale (POS) systems. In order for these new exploits to do anything, the [...]

2017-01-07T17:35:09+00:00 May 20th, 2016|Cybersecurity - General, SP Guard, spear phishing|