With the coming holidays also come news of various credit card breaches that endanger the data of many industries and their customers. High-profile breaches, such as that of the Hilton Hotel and other similar establishments, were accomplished using point-of-sale (PoS) malware, leading many to fear digital threats on brick-and-mortar retailers this Thanksgiving, Black Friday, Cyber…
Read MoreJay Yaneza
Threats Analyst
We discovered GamaPoS, a new breed of point-of-sale (PoS) threat currently spreading across the United States and Canada through the Andromeda botnet. GamaPoS is the latest in a long list of threats that scrape off credit card data from PoS systems. Compared to its predecessors, GamaPoS uses malware coded using the .NET framework—a first in PoS…
Read MoreWe first discovered MalumPoS, a new attack tool that threat actors can reconfigure to breach any PoS system they wish to target. Currently, it is designed to collect data from PoS systems running on Oracle® MICROS®, a platform popularly used in the hospitality, food and beverage, and retail industries. Oracle claims that MICROS is used in…
Read MoreProper network segmentation is the most critical proactive step in protecting networks against targeted attacks. It is also important for organization to properly identify and categorize their own users and the networks they access. This is an important task as it allows an administrator to properly segment both user privileges and network traffic. Some users will…
Read MoreIn the first part of this series, we discussed about the macro malware we have recently seen in the threat landscape. This second entry will delve deeper into the techniques or routines of macro malware. Unintended consequences Let us put things into perspective – by itself, macros are not harmful to the user. Its intended function is…
Read More