[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Retailers warned to act now to protect against Backoff malware
From: InfoSec News <alerts () infosecnews ! org>
Date: 2014-08-28 7:54:23
Message-ID: alpine.DEB.2.02.1408280754100.26558 () infosecnews ! org
[Download RAW message or body]
http://www.computerworld.com/article/2599724/data-security/retailers-warned-to-act-now-to-protect-against-backoff-malware.html
By Jaikumar Vijayan
Computerworld
Aug 27, 2014
The Payment Card Industry Security Standards Council on Wednesday issued a
bulletin urging retailers to immediately review their security controls to
ensure point-of-sale systems are protected against "Backoff," a malware
tool that was used in the massive data theft at retailer Target last year.
The bulletin instructed all covered entities to update their antivirus
suites and to change default and staff passwords controlling access to key
payment systems and applications.
The council, which is responsible for administering the PCI security
standard, also urged merchants to inspect system logs for strange or
unexplained activity, especially those involving transfers of large data
sets to unknown locations.
"The PCI Council additionally recommends that merchants consider
implementing PCI-approved point-of-interaction (POI) devices" for
encrypting credit and debit card data as the card is swiped or dipped into
a payment terminal. Merchants should also consider deploying
point-to-point encryption technologies to ensure that card data remains
protected until received by a secure decryption facility, the advisory
noted.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic