Target's Magstrip Mayhem – an inside job
A great white paper describing the Malware used against Target is being presented at RSA 2014 by Chester Wisniewski, Sophos Senior Security Advisor, on Wednesday, February 26, 2014 from 8 to 9AM in West Room 3006 -"Buy Candy, Lose Your Credit Card – Investigating PoS RAM Scraping Malware"
After learning of their breach involving the loss of customer data, Target shut down employee and vendor remote access to two computing systems: an HR website called eHR and a database for suppliers called Info Retriever. The Wall Street Journal quoted Target's Molly Snyder as saying
We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor's credentials which were used to access our system.
The indication is strong that the malware was delivered via a compromised vendor account somewhere within the invoicing systems. More to follow…
]]>