An arbitrary file upload vulnerability exists in the WordPress plug-in MailPoet Newsletters. The vulnerability is due to a lack of access control validation. A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted request to the server.
Monthly Archives: August 2014
Jenkins Groovy Script Console Remote Code Execution
A Code Execution vulnerability has been reported in the Jenkins Groovy Script Console. The vulnerability is due to an insecure script execution on the Jenkins console. A remote attacker could trigger this flaw by sending a crafted HTTP request to the vulnerable system.
Adobe Flash Player Use After Free Code Execution (APSB14-18; CVE-2014-0538)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file.
Adobe Flash Player Memory Leakage (APSB14-18: CVE-2014-0540)
A memory leakage vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file.
Back to school…for the rest of us
“You’ll never know everything about anything, especially something you love.”
–Julia Child
All across the nation, parents are breathing sighs of relief as their children head back to school.
But how about ourselves? As I’ve mentioned before, I’m a strong believer in lifelong learning. It keeps us focused, interested, and engaged. It helps our communities. And whether you want to teach or learn, there’s a place for you, either in person or online.
While I have the greatest respect for traditional universities and our wonderful community colleges, there are so many resources available online today that make it easy to stay active and engaged in learning. Back in the early 2000s, when I started an early online learning company that did classes for consumers on all sorts of topics sponsored by major brands, we were a bit ahead of our time. Now technologies, specifically video applications, have evolved so much that they make online classes truly visual, interactive and engaging.
Though we juggle our work, projects, kids and other commitments and it can be crazy, many of the online courses are self-paced, making them more manageable. And BTW, a report by the U.S. Department of Education has found that classes with online learning (either solely or as a component) on average produce stronger student learning outcomes than do classes with solely face-to-face instruction – especially among older learners.
Here are some of the best distance learning apps and sites that I’ve come across. These can be used whether you want to share your knowledge or want to learn…or, ideally, both! Here are five I recommend, with a bonus thrown in for good measure!
Canvas
Canvas is an open source platform for online collaboration that’s designed to be easy to use. It’s free and used by more than 800 colleges and universities. A sampling of courses shows a wide range of diverse material, from “The Great Depression to the War on Terror,” a history course presented by a Seattle Central Community College professor, to “Parenting in the Digital Age,” a course by the director of technology from an Indiana school district. These self-paced courses include video lectures, discussion forums, group work and more. Canvas’ motto is Keep Learning, something I think we can all agree with!
Coursera
The Coursera online portal also hosts classes from major universities around the country and the world, basically providing a way for you to learn at your own pace or audit classes from the comfort of your desktop. It currently boasts 9 million students, 737 courses and 110 partners, with both free and paid courses. In its specialization area you can take a group of courses, for example, to earn a Cybersecurity Certificate from the University of Maryland (for a fee). They also offer financial aid, by the way!
ePals
ePals says it’s “where learners connect”. It maintains a community of collaborative classrooms engaged in cross-cultural exchanges, project sharing and language education. It’s a sharing site that offers a way for groups of students around the world to be matched up and paired with other classrooms, and allows teachers to create their own projects or collaborate on others. It’s all about learning through experience. I think this site is what the future is going to look like…at its best: people all over the world sharing knowledge together.
edX
edX is one of the leading sites for accessing free, open online courses. Harvard and MIT founded this platform, which offers classes from those amazing institutions as well as classes from a growing list of partners. One course coming this week that caught my eye is UT Austin’s course on “Ideas of the Twentieth Century.”
iTunes U
Apple’s site and app for online and connected learning, iTunes U provides thousands of audio and video courses on demand and the world’s largest catalog of free education content. You can access learning and presentations from many top schools and universities worldwide, including Stanford, Harvard, MIT and more.
And now for the bonus…
Don’t have time to commit to a class this fall? There’s an awesome YouTube presentation featuring Carl Sagan, Arthur C. Clarke and Stephen Hawking here about “God, The Universe, and Everything Else.” Now that’s education in less than an hour.
Happy back to school, everyone!
Microsoft Office 365 service module offers MSPs the best of both worlds
Life for a managed services provider (MSP) is seldom straightforward. Support staff in the service center have long had to juggle between screens as they log in and out of numerous applications from different vendors in the course of their day-to-day remote management operations. Over the years advances in technology have created ever more diverse technical environments for them to manage. Nowadays it’s commonplace for customers to have a mix of traditional on-premise IT along with mobile devices and the latest cloud-based applications. The number of management screens just keeps on multiplying – all the while pushing up the time and costs of administration.
The Microsoft® Office 365™ cloud-based collaboration, communications and productivity software platform is a good example. Its combination of Exchange e-mail, SharePoint online, Lync VoIP and conferencing online, web hosting via SharePoint and the Office Web Apps has proved extremely popular with businesses of all sizes. Indeed, Microsoft’s own executives have described it as the fastest growing business in its history. Little surprise, then, that it has also gained a strong channel following, with more than 60 percent of top MSPs seeking to wrap their services around one of the market’s current best sellers.
Yet managing this along with a multitude of other applications is no picnic. Our MSP partners have been telling us that they would like a more convenient way to administer hybrid physical and online environments so that they can add value for customers with the Office 365 cloud platform. In view of the large numbers of MSPs using Office 365, developing a solution to help our customers support and obtain recurring revenue streams from supporting Office 365 with ease and simplicity has been a priority.
The Microsoft Office 365 service module for AVG Managed Workplace®, just released, goes some way towards addressing this issue. It allows our channel partners to provide management services such as user password resets and mailbox policies – which Microsoft typically will not do – via a single screen through AVG Managed Workplace. In fact the module allows MSPs to remotely perform five of the most popular management tasks. Apart from the two already mentioned, you can also set license expiration alerts, receive service-down notifications and manage users without using Windows PowerShell®. Other administrative tasks can be accessed without any additional logins.
Allowing administrators to view all the essential information they need about cloud-based and on-premise applications together within the same screen in this way gives IT services providers the best of both worlds. In so doing it neatly solves the problem of multiple logins for partners and helps them to run their operations more efficiently.
Our simplification of Office 365 management for services providers is a clear demonstration of our commitment to our channel partners. We will continue to add modules to AVG Managed Workplace that allow IT service providers to reap productivity benefits and deliver long-term value to their customers.
In summary, the Office 365 service module represents a first step in developing easy ways to manage cloud data within AVG Managed Workplace – something that appears destined to become commonplace as more everyday objects and devices are IP-connected to form the Internet of Things. It also further enhances the wide range of productivity benefits already available to MSPs who use AVG Managed Workplace to remotely manage the IT of their entire customer base through the same, single pane of glass.
Week in Security: Game over in Korea, cellphone snoops and phishy Bitcoins
Gamers and cellphone users were targeted by criminal groups around the world in our security news this week – with results varying from slightly eerie surveillance towers, to a gigantic data breach in which 220 million records were traded. The former were struck with a series of irritating service outages caused by a hacktivist group, plus a data breach of enormous proportions, which swept up half of South Korea’s population in a scam designed to steal virtual money and goods.
Cellphone users were left looking over their shoulders as a security news report highlighted the sale and use of tools which could track a user with high accuracy from town to town and even to other countries – and these tools are being bought not only by oppressive regimes, but by gangs.
Even more disconcerting was the discovery of at least 17 “fake” cellphone towers which hacked into nearby handsets to either eavesdrop or install spyware. The fake towers, found, oddly enough, by a company which markets handsets immune to such attacks, were located throughout America – with one, puzzlingly, in a casino…
Meanwhile, POS malware continues to multiply, and a new phishing attack highlighted how social engineering can strike anyone…
Security news: Half of South Korea breached
By anyoneâs standards, it was a massive data breach – involving 27 million people, half the population, and 220 million private records changing hands. It also highlighted just how much South Korea loves playing games, as it hit adults and children alike – the breach targeted registration pages and passwords for six online gaming sites, with the aim of selling game currency and virtual goods.
The breach affected 70% of the population between the ages of 15 and 65, according to Forbes.
The sixteen hackers who were jailed had used 220 million items of personally identifying information, with the goal of breaking into online game accounts. A 24-year-old man, surname Kim, bought these records from a Chinese hacker he met in another online game in 2011, according to the Korea JoonGang Daily.
Kim and his associates are thought to have used a hacking tool known as an “extractor” to log in to accounts and steal virtual currency and items to sell, earning in the process 400 million won ($390,919).
1,000 U.S. firms infected with credit-card-stealing POS malware
An official warning issued this week highlighted the rise and rise of malware targeting point-of-sale systems in retail outlets, with the goal of stealing credit card details – with Secret Service operatives warning that one particular strain had infected a vast number of American firms.
The United States Computer Emergency Readiness Team issued a statement saying that the “Backoff” malware was rife in U.S. businesses, taking over administrator accounts and removing customer data from several hundred companies. Its information was based on Secret Service estimates, after conversations with POS software vendors in America.
ESET Malware Researcher Lysa Myers says, “Malware attacks on Point of Sale (PoS) systems are coming thick and fast right now.”
Cellphone users targeted by cyber-snoops
Cellphone users, you may be being watched – by a surveillance industry which one privacy group claims is worth $5 million a year. This week saw an in-depth report into the export of equipment which can track the movements of anyone carrying a cellphone – from town to town and even into other countries.
It also saw the discovery of “fake” cellphone towers known as “interceptors” in active use on U.S. soil, according to Popular Science. The technology is known, but expensive, and it’s unclear who is operating the towers, or why.
High-end surveillance technologies which penetrate networks to track users are freely on sale not only to oppressive regimes, but also to criminal gangs, according to a report by the Washington Post.
Third-party surveillance apps which allow suspicious spouses and more nefarious individuals to track the owner of a phone by surreptitiously installing and hiding such an app are, of course, widely available. Such “domestic spyware” is often involved in domestic violence cases.
The gear used by oppressive regimes is of a higher level altogether. “Surveillance systems are secretly collecting these records to map people’s travels over days, weeks or longer, according to company marketing documents and experts in surveillance technology,” the Washington Post reports.
“The capabilities of surveillance technology have grown hugely in the past decade – in the hands of a repressive regime, this equipment eradicates free speech, quashes dissent and places dissidents at the mercy of ruling powers as effectively as guns and bombs, if not more so,” Privacy International says in its report.
Game Over, man! PSN taken down, other networks under attack
A new hacktivist gang disrupted and brought down several gaming services this week, including Sony’s PSN network and the Twitch gamer-TV service, which returned only after presenters tweeted photographs of themselves with the group’s name written on their foreheads.
Most of the attacks were basic denial-of-service attacks, and no information was lost during Sony’s network outage. The FBI took an interest when a reported bomb threat by the same group caused the diversion of a flight carrying a Sony executive, according to a Reuters report.
Sony summed up in a blog post, “The networks were taken offline due to a distributed denial of service attack. We have seen no evidence of any intrusion to the network and no evidence of any unauthorized access to users’ personal information.”
It is as yet unclear what the group’s motivation is – with DDoS attacks also aimed at popular PC titles such as Blizzard’s Battle.net, Riot’s League of Legends and Grinding Gear Games’ Path of Exile.
Bitcoin phishing a cryptic success with non-users
How hot is Bitcoin right now? So hot that even non-Bitcoin users are tempted to click on phishing links referring to Bitcoin wallet sites (which they don’t use). The relative success of the attacks shows how social engineering can take many forms – and that clicking on links in ANY unsolicited email is a bad idea.
Previous Bitcoin wallet phishing campaigns usually targeted known lists of Bitcoin users. The new waves of phishing emails were targeted at corporations, rather than those with an interest in cryptocurrency. The tactic has proved a success for the criminals behind it – with nearly 2.7% of victims clicking on the malicious link embedded in the two waves of 12,000 emails.
Proofpoint, which monitored the attack, said that the high success rate proved how much the hype behind the Bitcoin wallet had caught the imagination of the general population. “Unregulated and designed for anonymity, Bitcoin represents an attractive, $6.8 billion target to cyber criminals,” Proofpoint said.
The Register’s John Leyden reported, “This high click-through rate is a concern because crooks could easily switch from Bitcoin scams to targeting curious users with DDoS malware, remote access Trojans, corporate credential phish, or other threats.”
Some things, of course, don’t change: the emails took the form of a classic “account warning” phishing email, just using a Bitcoin site instead of a bank.
The post Week in Security: Game over in Korea, cellphone snoops and phishy Bitcoins appeared first on We Live Security.
Internet privacy: Seven rules to keep secrets safe
Internet privacy is something consumers are increasingly aware of, but which is near-impossible to achieve. You are never truly invisible on the internet – just witness how quickly the Blackphone, made by encryption legends Silent Circle met its match at DEF CON.
But while the free internet relies on “watching you” to sell ads, and others watch you just because they like it, there are a few steps sensible internet users should take for those moments when a little internet privacy IS required.
Most are the basics of internet privacy – password hygiene – and good security practice on social networks.
But when it comes to things you might want to keep private – business conversations that would be of interest to a rival, hobbies such as motorcycling that might be of interest to an insurer, a few basic steps can help.
If you ARE James Bond, no security tip in the world will stop your enemies watching you – that’s their job. For most of us – from college students to small businesses to people afraid of one particular watcher, such as domestic violence survivors – some basic steps will help you stay private.
Tinfoil hats are not required. Nor is switching to a “private” browser such as Tor – although privacy-conscious users may find it surprisingly fast these days.
Rule one: Use the internet privacy tools provided by ‘the watchers’
There are good reasons to revisit the internet privacy menus on your Facebook account – and it’s highly unwise to post anything to the network that is in any way sensitive. Facebook is not content with the trove of data provided by its own users – it deals with third-party “data broker” companies, who provide the company with encrypted lists of email addresses (for instance, of users who have bought a vacuum cleaner), which Facebook then matches against its own encrypted list. This means the company may ‘know’ more than you think it does. The only defense is to be cautious with data both inside and outside Facebook.
There are other good reasons behind people’s distrust of Facebook, and to ensure your account is locked up as much as possible. This year, the social site added hidden tracking in its ubiquitous “Like” button to track users outside of Facebook pages. The new tracking method actually ignores users’ Do Not Track preference settings (the browser setting where users can choose “ask websites to not track me”). Staying logged out as much as possible is a good idea to increase your internet privacy.
Google is a major player in collecting data – every Google service from YouTube to Search collects information on signed-in users, and collates it to refer to one user profile. This is used to tailor Google “adwords” – the text adverts that appear around searches and above Gmail’s Inbox – to the user. Google, however, is very open about how it all works, and you can opt out of almost everything, even if you’re a heavy user. If you do so, the only service you’ll really be unable to use is the excellent Google Now on Android, which relies heavily on search history and location history. It poses its own privacy risks, of course, if anyone looks over your shoulder…
Google itself offers a clear explanation of how its data collection works – and provides a dashboard of tools web users may wish to use to prevent themselves being tracked. For Google, personalized adverts are a service, and one you can choose not to use. Facebook’s approach is more opaque. Facebook said that it would also ignore “do not track” signals sent by browsers – a measure put in place to offer users choice on privacy – because “currently there is no industry consensus.”
Rule two: Don’t tell the internet your age, or if you went to college
Sharing information too openly online is a bad idea – leaving you open to spear phishing attacks. But data also falls into the hands of companies which trade in it – billions of data points at once, sold to advertisers and other companies. Most of these are perfectly normal companies. Some are not. The Federal Trade Commission is investigating “data brokers”. The industry is thus far largely unregulated, and brokers will offer anything from anonymous data gleaned from browsing, to a mix of data, some publicly available, some from website cookies and other tracking tools. You are significantly more likely to be identifiable from your data if you share things publicly – even the fact you own a dog, or your address, or if you geolocate pictures. Take control of this data. Don’t share when you don’t have to.
Social networks are a prime example, but “overfilling” a profile on a blog or corporate site can also reveal details. If there’s ever a box about sharing data with other companies, make sure you tick (or don’t tick) so your data isn’t shared. Whatever happens to it, it isn’t going away. Some, not all, data brokers categorise customers in a way which may impact future eligibility for financial products – categorising them as uneducated, or putting them in a category of older people, for instance. This is information you should not share publicly, as it may impact your financial future.
Rule Three: Don’t trust “Do Not Track” – Incognito or Private mode are better
Many companies ignore a browser’s request not to be tracked – including high-profile firms such as Facebook. The only fix is to use Incognito or Private browsing, and not log in to Facebook as you browse.
You will still be followed by trackers (cookies and scripts embedded in most websites) as you browse, but the profile that’s built up applies to a user who disappears when the session ends. You are still, of course, not truly ‘private’ – your IP address can still be traced as having visited a particular website, but it helps. Setting your browser to delete cookies on closing also helps in this regard – but it’s not a silver bullet.
Rule Four: Don’t use Facebook log-ins on apps
Don’t imagine smartphones are any different from PCs – you will be tracked on your browser, just as you are on a PC, and there are other security concerns, too. But one step is easy to take. Many apps allow users to log in using their Facebook details, which spares users the time of filling in a form.
However, this allows the social network to use information from the app, and apply this to its advertising profile to target adverts. Any information in the app becomes available to Facebook. If you’re worried about how much Facebook “knows” about you, use email to log in instead.
Rule Five: Turn to Tails if you really need to be private
If you are determined not to be watched, Tails is a high-end internet privacy tool – although it should be noted that it is not “spy proof”. It boots from a DVD or USB stick, and forces internet traffic through the anonymizing service Tor (all non-Tor connections are rejected). Tor is of course not immune from spying – but it’s as secure as it gets, most of the time.
When you’ve finished, Tails deletes all data from the session (it’s stored in RAM rather than in computer storage). It can be used on any computer, and leaves no trace once the session ends. You are, of course, still vulnerable to some techniques – for instance, electronic listening devices could pick up your keystrokes.
Rule Six: If you’re doing business, use a VPN, and encrypt everything you can
If you are using the internet for sensitive business reasons, use VPN software, either provided by your company or, if you’re a small business or freelancer, your own VPN client. Likewise, ensure you encrypt as much as you can – from emails to data stored on your PC. ESET researcher Stephen Cobb argues that encryption is now essential for business – and with the rate of data breaches seen over the past few months it’s hard to argue. Malware researcher Lysa Myers says, “The best way to protect your data from prying eyes is to make more of it unreadable to outside parties. And the best way to do this is to encrypt as much as you can, both data that is saved on your hard disk and data that you send out of your machine, via email, web or other methods.”
Rule Seven: You are never invisible online
No matter how paranoid you are, how security-conscious you are, there is always a way round your snoop-proof techniques. Unscrupulous and greedy people will find it. If you want something to stay private, don’t do it online, or on the phone. Do it in the real world. As more consumers use internet privacy tools, new unknown techniques appear to bypass them. “Canvas fingerprinting” is a new technique, invisible to users, which became widespread among companies selling data to advertisers before the media were even aware of it. Requiring PCs to render a fragment of text, it bypasses “do not track” instructions to create a fingerprint which “shatters” current privacy tools, Princeton researchers say. One provider which uses the “fingerprinting” technique, touted as a replacement for cookies for advertisers keen to track users across the web, uses its scripts in thousands of sites – and reaches 97.2% of the internet population in America, according to Comscore.
The post Internet privacy: Seven rules to keep secrets safe appeared first on We Live Security.
Malware still generated at a rate of 160,000 new samples a day in Q2 2014
- The second quarter of 2014 has seen the creation of 15 million new strains of malware
- Trojans are still the most common type of malware, though they are losing ground thanks to the rise of PUPs (Potentially Unwanted Programs)
- Smartphones, both Android and iOS, are still under attack
- The global infection rate during this period was 36.87%, a significant increase on previous quarters, thanks in part to the increase in PUPs
Panda Security, The Cloud Security Company, has announced the latest findings of the PandaLabs quarterly report for Q2 2014. The main conclusions of the study include the fact that malware is still being created at the record levels reached in the previous quarter: 15 million new samples were generated, at an average rate of 160,000 every day.
While Trojans are still the most common type of malware, accounting for 58.20% of new malware, this figure is significantly lower than the previous quarter (71.85%). This is not so much due to a drop in number of new Trojans, but more to a substantial increase in PUPs (Potentially Unwanted Programs) during this period.
Attacks on mobile devices have continued to gather momentum over this quarter, though this time they have also targeted the Apple iOS in addition to Android. In the case of the latter, the most notable cases have involved fake antivirus apps and ransomware.
There have also been many notable cases of hacking targeting major companies across different sectors, such as eBay, Spotify or Domino’s Pizza, as well as more attacks by the Syrian Electronic Army (SEA). A security flaw, dubbed Heartbleed, in the OpenSSL library used for encrypting communications made the headlines around the world in April. At the same time, Microsoft ceased to offer support for Windows XP, with serious security implications for users of this OS.
PUPs on the rise
While Trojans are still the most prevalent type of malware (58.20% of new threats), they are losing ground thanks to the rise of PUPs (Potentially Unwanted Programs). In fact, in recent months there has been a notable increase in software bundlers, which install PUPs without the user’s consent along with the programs that the user really wants to install.
Trojans are followed a long way behind in the ranking by worms (19.68%), adware/spyware (0.39%) and viruses (0.38%).
Trojans the cause of most infections
Trojans, once again, have accounted for more infections (62.8%) than any other type of malware, although this figure is lower than the previous quarter (79.90%). PUPs are in second place with 24.77% of infections, underlining how these techniques are now being used massively. A long way behind came adware/spyware (7.09%), viruses (2.68%) and worms (2.66%).
Infections by country
The global infection rate during the second quarter of 2014 was 36.87%, a significant rise on recent periods, thanks largely to the proliferation of PUPs. Country by country, China once again had the most infections, with a rate of 51.05%, followed by Peru (44.34%) and Turkey (44.12%).
It’s clear from this ranking that the regions with the highest levels of infections are Asia and Latin America. Spain also has an infection rate above the global average with 37.67%.
On the other hand, Europe is the area with the lowest infection rate, with nine countries ranked among the least infected countries. Sweden (22.13%), Norway (22.26%) and Germany (22.88%) had the lowest rates while Japan, with an infection rate of 24.21%, was the only non-European country in the top ten of this ranking.
The full report is available here.
The post Malware still generated at a rate of 160,000 new samples a day in Q2 2014 appeared first on MediaCenter Panda Security.
Bad news for SMBs: Target’s “Backoff” malware attack hits 1,000 more businesses
U.S. merchants advised to protect themselves against same PoS hack that hit Target and Neiman Marcus last year.
More than 1,000 U.S. businesses have had their systems infected by Backoff, a point-of-sale (PoS) malware that was linked to the remote-access attacks against Target, Michaels, and P.F. Chang’s last year and, more recently, UPS and Dairy Queen. In the Target breach alone, 40 million credit and debit cards were stolen, along with 70 million records which included the name, address, email address, and phone number of Target shoppers.
The way these breaches occur is laid out in BACKOFF: New Point of Sale Malware, a new U.S. Department of Homeland Security (DHS) report. Investigations reveal that cybercrooks use readily available tools to identify businesses that use remote desktop applications which allow a user to connect to a computer from a remote location. The Target breach began with stolen login credentials from the air-conditioning repairman.
Once the business is identified, the hackers use brute force to break into the login feature of the remote desktop solution. After gaining access to administrator or privileged access accounts, the cybercrooks are then able to deploy the PoS malware and steal consumer payment data. If that’s not enough, most versions of Backoff have keylogging functionality and can also upload discovered data, update the malware, download/execute further malware, and uninstall the malware.
General steps SMBs and consumers can take to protect themselves
- You should use a proper security solution, like avast! Endpoint Protection, to protect your network from hacking tools, malicious modules, and from hackers using exploits as a gateway to insert malware into your network.
- Regularly monitor your bank and credit card statements to make sure all the transactions are legitimate.
- Change default and staff passwords controlling access to key payment systems and applications. Our blog post, Do you hate updating your passwords whenever there’s a new hack?, has some tips.
- Monitor your credit report for any changes. You’re entitled to one free report per year from each of the three reporting agencies.
Specific tips to protect your business and customers
Remote Desktop Access
- Configure the account lockout settings to lock a user account after a period of time or a specified number of failed login attempts.
- Limit the number of users and workstations who can log in using Remote Desktop.
- Use firewalls to restrict access to remote desktop listening ports.
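The brute-force stage of the Backoff chain described above is where the first and third of these Remote Desktop controls bite. As an added example (not code from the DHS report or from Avast), here is a small Python detector that applies a lockout-style threshold per source to constructed Windows Security events (Event IDs 4625/4624 with Logon Type 10 for RDP), reports any successful logon that follows a burst of failures, and lists RDP sources outside an assumed management allowlist, the same check a firewall restriction on the listening port enforces. The pipe-separated event layout and all addresses and account names are this example's own constructions.

```python
"""Flag brute-force logons against Remote Desktop and the successful logon that
follows them, the opening moves of the Backoff intrusion chain.

Added example, not code from the DHS BACKOFF report or Avast.  Event lines are
constructed here and modelled on Windows Security Event IDs 4625 (failed logon)
and 4624 (successful logon) with Logon Type 10 (RemoteInteractive, i.e. RDP);
the pipe-separated layout is this example's own, not a real export format.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress
import re

# Constructed sample events: timestamp|event_id|logon_type|account|source_ip
# 203.0.113.45 (a documentation range) plays the attacker; 10.20.0.15 is a
# legitimate administrator workstation on the internal management subnet.
SAMPLE_EVENTS = """\
2014-08-28T02:14:01|4625|10|Administrator|203.0.113.45
2014-08-28T02:14:03|4625|10|Administrator|203.0.113.45
2014-08-28T02:14:05|4625|10|admin|203.0.113.45
2014-08-28T02:14:06|4625|10|pos|203.0.113.45
2014-08-28T02:14:08|4625|10|Administrator|203.0.113.45
2014-08-28T02:14:11|4624|10|Administrator|203.0.113.45
2014-08-28T09:02:17|4625|10|jsmith|10.20.0.15
2014-08-28T09:03:40|4624|10|jsmith|10.20.0.15
2014-08-28T09:10:00|4625|2|jsmith|-
"""

LINE_RE = re.compile(
    r"^(?P<ts>[^|]+)\|(?P<eid>\d+)\|(?P<ltype>\d+)\|(?P<acct>[^|]*)\|(?P<ip>[^|]*)$"
)


def parse_events(text):
    """Parse the constructed log format; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "event_id": int(m["eid"]),
            "logon_type": int(m["ltype"]),
            "account": m["acct"],
            "ip": m["ip"],
        })
    return events


def rdp_bruteforce_sources(events, threshold=5, window=timedelta(minutes=10)):
    """Return {source_ip: peak_failures} for sources with at least `threshold`
    failed RDP logons inside a sliding `window`.  These are the same parameters
    an account lockout policy uses, applied per source instead of per account,
    so that one host spraying many account names is still caught."""
    recent = defaultdict(deque)
    flagged = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["event_id"] != 4625 or ev["logon_type"] != 10:
            continue
        q = recent[ev["ip"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged[ev["ip"]] = max(flagged.get(ev["ip"], 0), len(q))
    return flagged


def success_after_failures(events, flagged):
    """Successful RDP logons from a flagged source: the moment brute force pays
    off and the attacker holds the privileged session used to drop PoS malware."""
    return [
        (ev["ip"], ev["account"], ev["ts"].isoformat())
        for ev in sorted(events, key=lambda e: e["ts"])
        if ev["event_id"] == 4624 and ev["logon_type"] == 10 and ev["ip"] in flagged
    ]


def outside_allowlist(events, allowed_cidrs):
    """Sources of any RDP logon attempt (success or failure) that are not inside
    the permitted management networks.  With the firewall restriction on the RDP
    listening port in place this list should be empty; anything here is a gap."""
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    outside = set()
    for ev in events:
        if ev["logon_type"] != 10 or ev["ip"] == "-":
            continue
        addr = ipaddress.ip_address(ev["ip"])
        if not any(addr in net for net in nets):
            outside.add(ev["ip"])
    return sorted(outside)


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    hits = rdp_bruteforce_sources(evs)
    print("brute-force sources:", hits)
    print("successful logons after brute force:", success_after_failures(evs, hits))
    print("RDP sources outside allowlist:", outside_allowlist(evs, ["10.20.0.0/16"]))
```

Real deployments would feed exported 4625/4624 events into parse_events in place of the constructed sample and tune threshold and window to match the lockout policy actually configured.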
Network Security
- Review firewall configurations and ensure that only allowed ports, services and Internet protocol (IP) addresses are communicating with your network.
- Segregate payment processing networks from other networks.
Cash Register and PoS Security
- Implement hardware-based point-to-point encryption. It is recommended that EMV-enabled PIN entry devices or other credit-only accepting devices have Secure Reading and Exchange of Data (SRED) capabilities.
- Install Payment Application Data Security Standard-compliant payment applications.
- Deploy the latest version of an operating system and ensure it is up to date with security patches, anti-virus software, file integrity monitoring and a host-based intrusion-detection system.
See more mitigation and prevention strategies from DHS.
Learn more about PoS attacks against small and medium-sized business in our blog, Should small and medium-sized businesses be worried about PoS attacks?
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.