A major vendor of point-of-sale terminals has not changed the default passwords used on its devices in a quarter of a century, researchers have revealed at RSA 2015.
More than a thousand U.S. businesses have been affected by point-of-sale malware – malicious software written specifically for online fraud, to steal information such as credit card details from businesses and their customers.
New malware targeting point of sale (PoS) systems, detected by ESET as Win32/Spy.Agent.OKG is described in a warning and analysis distributed by US-CERT, a reminder to increase security around PoS access.
Read how to protect yourself if you’ve been shopping with credit or debit cards (and who hasn’t?). As the scope of the latest cyber crime spree expands beyond Target and Neiman Marcus, malicious software is suspected.
Further to an earlier blog about the "broken" Chip & PIN credit card security system (strictly speaking, the primary problem described is with EMV), it's noticeable that, as John Leyden puts it, "Industry groups [have] leap[t] to Chip and PIN's defence." In fact, the response has been a bit more mixed than that. But there
[Update: added some extra links at http://avien.net/blog/?p=422] Here, so to speak, is a bit of hot potato*. Flippancy notwithstanding, this isn't really funny. For several years now, Brits have enjoyed a banking card system called chip and PIN, a simple form of two-factor authentication for in-person credit and debit card transactions. In countries where the