A critical vulnerability in applications made by software giant SAP could affect up to 40,000 SAP customers, offering a pathway for hackers to remotely steal or alter data, researchers warned Tuesday. … The software flaw “could have a significant impact on financial systems or other critical areas of an organization,” said Tony Cole, CTO of …
Attivo issued a report today detailing severe vulnerabilities in the nation’s POS systems that could lead to large breaches during the holiday shopping period and on into next year. The report, based on primary research, shows how attackers are moving laterally undetected through networks, compromising asset management servers and then using them to plant malware on POS terminals for either timed or remote activation, creating the foundation for wide-scale credit card information theft. According to the report, traditional security devices have proven ineffective at detecting an attacker’s lateral movement, at providing visibility into malware activation between asset servers and POS terminals, and at accurately correlating attack forensic data.
Thousands of retailers have been hit by malware that steals credit card details. The way the hackers got in? Unpatched software flaws. Over 5,900 e-commerce sites contain malware that steals victims’ credit card details, according to a security researcher. The malicious code has been placed on 5,925 compromised sites by hackers, according to Dutch security analyst Willem De Groot. He said that hackers gained access to a store’s source code using various unpatched software flaws.