New Threat For Retailers: PoSeidon Targeting POS Systems

A new and sophisticated breed of Point-of-Sale (POS) malware has been discovered by the security researchers at Cisco’s Talos Security Intelligence & Research Group.

PoSeidon malware scrapes memory from Point of Sale terminals to search for card number sequences of principal card issuers like Visa, MasterCard, AMEX and Discover, and then uses the Luhn algorithm to verify that the credit or debit card numbers are valid.

The malware then siphons the captured credit card data off to Russian (.ru) domains for harvesting and likely resale, the researchers say.

The CSS researchers have identified three malware components that are likely associated with PoSeidon: a keylogger, a loader and a memory scraper that also has keylogging functionality.

The keylogger is designed to steal credentials for the LogMeIn remote access application. It deletes encrypted LogMeIn passwords and profiles that are stored in the system registry in order to force users to type them again, at which point it will capture them.

The CSS researchers believe this keylogger is potentially used to steal remote access credentials that are needed to compromise point-of-sale systems and install PoSeidon.

Past studies have shown that PoS terminals are typically compromised through stolen or brute-forced remote access credentials, as many of them are configured for remote technical support.

Once the PoSeidon attackers get access to a PoS terminal, they install a component known as a loader. This component creates the registry keys needed to maintain the infection’s persistence across system reboots and downloads another file called FindStr from a hard-coded list of command-and-control (C&C) servers.

As its name implies, FindStr is used to find strings that match payment card numbers in the memory of running processes.

“The malware only looks for number sequences that start with: 6, 5, 4 with a length of 16 digits (Discover, Visa, Mastercard) and 3 with a length of 15 digits (AMEX),” the CSS researchers said in a blog post.

The Trojan then verifies that the captured strings are actually credit card numbers by using an algorithm known as the Luhn formula, and uploads them to one of several command-and-control servers along with other data captured through its keylogging functionality.
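The prefix, length and Luhn criteria quoted above are the same ones a data-discovery scan can use to find cleartext card numbers left in logs or files where they should not be stored. The Python below is an added example, not code from the article or from the researchers; the function names and the sample log are constructed for illustration, and the card numbers are public test numbers.

```python
import re

# Candidate pattern from the quoted criteria: 16 digits starting with 4, 5 or 6,
# or 15 digits starting with 3, and not embedded in a longer run of digits.
CANDIDATE = re.compile(r"(?<!\d)(?:[456]\d{15}|3\d{14})(?!\d)")


def luhn_valid(number: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Keep only the first six and last four digits for reporting."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def find_exposed_pans(text: str):
    """Return (line_no, masked_pan) for each Luhn-valid candidate in text."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in CANDIDATE.finditer(line):
            if luhn_valid(m.group()):
                findings.append((line_no, mask(m.group())))
    return findings


# Constructed sample log; the card numbers are public test numbers.
SAMPLE_LOG = """\
2015-03-20 10:01:02 txn=1001 pan=4111111111111111 amt=12.50
2015-03-20 10:01:07 txn=1002 order_id=4111111111111112 amt=3.00
2015-03-20 10:02:11 txn=1003 track=378282246310005 amt=40.00
2015-03-20 10:02:30 txn=1004 ref=55555555555544440001 amt=9.99
2015-03-20 10:03:00 txn=1005 pan=6011111111111117 amt=1.00
"""

if __name__ == "__main__":
    for line_no, masked in find_exposed_pans(SAMPLE_LOG):
        print(f"line {line_no}: cleartext PAN {masked}")
```

The order ID on line 2 has the right prefix and length but fails the checksum, which shows how the Luhn step filters out look-alike numbers.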

Unlike other PoS memory scrapers that store captured payment card data locally until attackers log in to download it, PoSeidon communicates directly with external servers and can update itself automatically. It also has defenses against reverse engineering.
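Because the malware talks to external servers directly from the terminal, DNS or proxy logs for PoS hosts are a useful place to look for it. The Python below is an added example, not part of the original article: the host addresses, allowlist, log format and domain names are all assumptions constructed for illustration, and the .ru name is a made-up placeholder.

```python
# Assumptions (constructed for this example): PoS terminal addresses, the
# destinations they legitimately need, and a "time client qtype name" log format.
POS_HOSTS = {"10.20.0.11", "10.20.0.12"}
ALLOWED_SUFFIXES = ("payments.example.com", "updates.example.net")


def is_allowed(name: str) -> bool:
    """True for an allowlisted domain or any subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in ALLOWED_SUFFIXES)


def review_dns_log(lines):
    """Return alerts for PoS hosts resolving names outside the allowlist."""
    alerts = []
    seen = set()                      # report each (host, name) pair once
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue                  # skip malformed records
        ts, client, _qtype, name = parts
        name = name.lower().rstrip(".")
        if client not in POS_HOSTS or is_allowed(name):
            continue
        if (client, name) in seen:
            continue
        seen.add((client, name))
        # The article reports exfiltration to .ru domains; rank those higher.
        severity = "high" if name.endswith(".ru") else "medium"
        alerts.append({"time": ts, "host": client, "name": name,
                       "severity": severity})
    return alerts


# Constructed sample records; none are taken from a real incident.
SAMPLE_DNS_LOG = [
    "2015-03-20T10:00:01Z 10.20.0.11 A api.payments.example.com",
    "2015-03-20T10:00:05Z 10.20.0.11 A cdn.example.ru",
    "2015-03-20T10:00:09Z 10.20.0.11 A CDN.example.ru.",
    "2015-03-20T10:01:00Z 10.20.0.12 A evilpayments.example.com",
    "2015-03-20T10:01:30Z 10.30.0.5 A news.example.ru",
    "garbage line",
]

if __name__ == "__main__":
    for alert in review_dns_log(SAMPLE_DNS_LOG):
        print(alert)
```

The fourth record is flagged because the allowlist matches on a dot boundary, so a look-alike name that merely ends with an allowed string does not pass.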

“PoSeidon is another in the growing number of Point-of-Sale malware targeting PoS systems that demonstrate the sophisticated techniques and approaches of malware authors,” the CSS researchers said. “As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families.”

Retrieved from The Hacker News and Network World 
