Tag: POS
BAI Security Audit

Retail PoS Systems, Ancient Passwords – What You Need To Know Now

You’ve probably seen coverage of the big RSA reveal regarding the fact that point of sale devices from a specific vendor have used the same pre-set administrator password for the last quarter of a century. Security researchers Charles Henderson and David Byrne, at their RSA presentation, were the ones who shared this discovery. More troubling, according to Henderson and Byrne, 90% of the systems they see have retained that exact admin username and the password: 166816. You’d wonder why retailers aren’t changing the default admin and password when they deploy the system, but it seems like many assumed that the 166816 password was uniquely assigned to them. The PoS system in question is widely used, but the vendor isn’t the

Read More »
BAI Security May 1, 2015
Malware

New Retail PoS Malware Discovered

A new malware family targeting point-of-sale (PoS) systems, is infecting machines in order to scrape [payment card iinformation from memory. The malware, dubbed PoSeidon, was initially spotted by researchers from Cisco’s Security Solutions (CSS) team. PoSeidon, like most point-of-sale Trojans, scans the RAM of infected terminals for unencrypted strings that match credit card information. End-to-end encryption technology would protect payment card data from these sorts of attacks, but few PoS terminals have this capability right now. Cisco’s researchers say that PoSeidon is comprised of a keylogger, a loader and a memory scraper that also has keylogging functionality. As one would expect, the keylogger is designed to steal credentials for the LogMeIn remote access application. It deletes encrypted LogMeIn passwords and

Read More »
BAI Security April 21, 2015

Recent Posts

Keywords

CONTACT

READY TO LEARN MORE?

We’re here to discuss your upcoming IT security assessment and compliance audit needs.

CONTACT US
SCHEDULE A CALL

Let´s network on

Linkedin Twitter

BAI Security

ABOUT US

SERVICES

Contact