DDOS
December 2014
North Korea
7/2/2015
Evil Maid Attack - http://searchsecurity.techtarget.com/definition/evil-maid-attack
12/2014
Credit Cards
Card Present vs Card not present
Chip and PIN is supposed to be very valuable for Card Present transactions.
- AKA: EMV
- Chip cannot be read contactlessly, you must insert the card into a chip reader.
RFID is not the same
http://security.stackexchange.com/questions/49306/bank-cards-chips-vs-mag-stripe-security
That is because RFID is being implemented without requiring a PIN, to promote speed of transaction, and the card can be read contactlessly.
CNP - Card Not Present
MO/TO - Mail Order / Telephone Order
MOTOEC -
Track Formats
http://www.acmetech.com/documentation/credit_cards/magstripe_track_format.html
Track 1 - IATA
Track 2 - ABA
Track 3 - THRIFT-TTS
Beware of Wireless PIN and Card readers
https://afterlife.wordpress.com/2006/05/11/chip-and-pin-vs-rfid/
... restaurants have implemented wireless POS devices so the waiter can bring the POS device to the cardholder for them to enter their PIN. This sounds great until you start to question what wireless protocol is being used by the POS device, and sounds even worse when you learn that it's over unencrypted 802.11.
But this would require a MiM hack at the local facility. Probably not worth the effort.
Definitions
DDOS - Distributed Denial of Service
MiM - Man In The Middle
Spear Phishing - The user clicks on a link in a message that takes them to a bogus login page, into which they type their username and password, providing hackers with the keys.
Watering Hole Attack - http://krebsonsecurity.com/2012/09/espionage-hackers-target-watering-hole-sites/#more-16707
2/5/2015
Anthem Healthcare
2014
http://threatpost.com/slide-shows/a-look-back-at-the-year-of-the-breach
12/25/2014 - Sony and Playstation DDOS
White Lodging
Hilton, Marriott, Sheraton and Westin
2013
Target
BlackPOS
October 2013
Neiman Marcus
2013
CHS - Community Health Systems: 4.5 million IDs taken, per the report from Dave Kennedy of TrustedSec.
The Heartbleed vulnerability allowed access to user credentials from a Juniper device.
https://www.trustedsec.com/august-2014/chs-hacked-heartbleed-exclusive-trustedsec/
http://www.sec.gov/Archives/edgar/data/1108109/000119312514312504/d776541d8k.htm
SonicWall says they have protected against this.
http://www.dell.com/learn/us/en/04/campaigns/heartbleed-remediation
August 2014 - PF Chang's
July 2014 - JP Morgan
http://www.theregister.co.uk/2014/12/23/jpmorgan_breach_probe_latest/?mt=1419441541068
September 18, 2014
Home Depot
New variant of BlackPOS AKA “KAPTOXA”
March 18, 2014
Sally's Beauty Supply
Card Present, Track 2 data
Jan 2, 2014
Snapchat
Jan 2014
Michael’s Craft Store
http://krebsonsecurity.com/2014/01/sources-card-breach-at-michaels-stores/
POS Skimmer
October 14, 2014
KMart
"Payment Security Incident"
October 10, 2014
Dairy Queen
Backoff POS Malware
September 2014
Staples
1.16 Million Credit Cards
http://krebsonsecurity.com/2014/12/staples-6-month-breach-1-16-million-cards/
Same criminal infrastructure as Michael’s Craft Store
August 19, 2014
Hackers possibly got a sysadmin password.
Dark Seoul malware
https://krebsonsecurity.com/2014/12/the-case-for-n-koreas-role-in-sony-hack/
Destover Wiper Malware
https://threatpost.com/details-emerge-on-sony-wiper-malware-destover/109727
November 11
US Postal Service
http://threatpost.com/u-s-postal-service-breach-affects-employees-customers/109289
December 17, 2014
ICANN
http://www.theregister.co.uk/2014/12/17/icann_hacked_admin_access_to_zone_files/
Old School Spear Phishing.
December 1, 2014
Sony Pictures