Security Alerts & News
by Tymoteusz A. Góral

#1549 FastPOS updates in time for the retail sale season
Most point-of-sale (PoS) threats follow a common process: dump, scrape, store, exfiltrate. FastPOS (initially detected by Trend Micro as TSPY_FASTPOS.SMZTDA) differed in that it removed the middleman and went straight from stealing credit card data to exfiltrating it to its command and control (C&C) servers.

FastPOS was true to its moniker—pilfer data as fast as possible, as much as it can, even at the expense of stealth. The malware is a reflection of how PoS threats, though no longer novel, are increasingly used against businesses and their customers. As such, FastPOS’s update does not come as a surprise—in time for the oncoming retail season to boot.

The samples we analyzed were compiled during the second week of September, and feedback from our Smart Protection Network confirmed that they are already deployed against small and medium-sized businesses. FastPOS’s developer also seemed to have wasted no time validating his code by confirming its functionality in a full infection. It only took about a month from when its C&C domain was registered (mid-August) to the launch of its new campaign, making it faster than the previous operation in 2015.