Point-of-Sale | Breaking Cybersecurity News | The Hacker News

Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net the operators as much as $3.34 million by selling them on underground forums. While a significant proportion of attacks aimed at gathering payment data rely on  JavaScript sniffers  (aka web skimmers) stealthily inserted on e-commerce websites, PoS malware continues to be an ongoing, if less popular, threat. Just last month, Kaspersky detailed new tactics adopted by a Brazilian threat actor known as  Prilex  to steal money by means of fraudulent transactions. "Almost all PoS malware strains have a similar card dump extraction functionality, but different methods for maintaining persistence on infected devices, data exfiltration and processing," researchers Nikolay Shelekhov and Said Khamchiev  said . Trea

Threat actors known for keeping a low profile do so by ceasing operations for prolonged periods in between to evade attracting any attention as well as constantly refining their toolsets to fly below the radar of many detection technologies. One such group is  FIN8 , a financially motivated threat actor that's back in action after a year-and-a-half hiatus with a powerful version of a backdoor with upgraded capabilities including screen capturing, proxy tunneling, credential theft, and  fileless execution . First documented in 2016 by FireEye, FIN8 is known for its attacks against the retail, hospitality, and entertainment industries while making use of a wide array of techniques such as spear-phishing and malicious tools like  PUNCHTRACK  and  BADHATCH  to steal payment card data from point-of-sale (POS) systems. "The FIN8 group is known for taking long breaks to improve  TTPs  and increase their rate of success," Bitdefender researchers  said  in a report published

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica