Security Vendors Self-Censor Target Breach Details
angry tapir writes "At least three security companies have scrubbed information related to Target from the Web, highlighting the ongoing sensitivity around one of the largest-ever data breaches. How hackers broke into Target and installed malware on point-of-sale terminals that harvested up to 40 million payment card details is extremely sensitive. Now, details that give insight into the attack are being hastily removed or redacted by security companies."
...after all the cows got out.
Day late and a dollar short to worry about BlackPOS. Variants of "Dexter, first documented by Seculert in December 2012, is a Windows-based malware used to steal credit card data from PoS systems."
http://www.arbornetworks.com/a...
They have had 3 flavors so far:
1.] Stardust (looks to be an older version, perhaps version 1)
2.] Millenium (note spelling)
3.] Revelation (two observed malware samples; has the capability to use FTP to exfiltrate data)
I can buy any of these programs with a Tor browser, an ICQ client and some Bitcoin at any carder site online.
A little late to be worried about snippets of code.
Pay no attention to the man behind the curtain with all your metadata.
Maybe. They do have a lot of job openings in Karnataka, Bangalore, India.
https://targetcareers.target.c...
> By deleting the info, what the so-called "security companies" are doing is depriving the legitimate
> business owners of a way to beef up their own security measures by learning from the mistakes of Target.
I can only guess that you didn't rtfa? Target's IP addresses, passwords, and other details are of little use to any legitimate business beefing up their own security. To secure YOUR network I need YOUR IP addresses, not Target's IP addresses.
They left the information about HOW Target was breached. They redacted victim-specific details like the IPs of specific vulnerable servers.
> Hackers already know the way to do it, or they
> wouldn't be able to break into Target's databases.
99.99% of hackers are not able to break into Target's databases. It would be good to keep it that way.
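The kind of redaction described in the comment above (victim-specific IPs and passwords removed, the description of how the breach worked left in place) can be sketched as follows. This is an added example, not part of the thread or any vendor's tooling; the credential key names, the `[HOST-n]` labels and the sample report text are constructed assumptions.

```python
import ipaddress
import re

# Candidate dotted quads; each one is validated with ipaddress before redaction.
IPV4_RE = re.compile(r"(?<!\d)(?<!\d\.)(\d{1,3}(?:\.\d{1,3}){3})(?!\d|\.\d)")
# Assumed credential key names; the value stops at whitespace or , ; )
CRED_RE = re.compile(r"(?i)\b(user(?:name)?|login|pass(?:word)?|pwd)(\s*[=:]\s*)[^\s,;)]+")

# Constructed sample report; addresses are RFC 5737 documentation ranges.
SAMPLE = (
    "POS terminals at 192.0.2.15 and 192.0.2.16 were infected; harvested "
    "card data was exfiltrated over FTP to 198.51.100.7 "
    "(user=example_user password=example_pass). The terminal at 192.0.2.15 "
    "was infected first. Sample build 1.2.3.400."
)


def redact_report(text):
    """Return (redacted_text, ip_map); a given IP always maps to the same label."""
    ip_map = {}

    def _ip(match):
        candidate = match.group(1)
        try:
            ipaddress.IPv4Address(candidate)
        except ValueError:
            return candidate  # not a valid address (e.g. an octet above 255)
        # Stable pseudonyms keep "which host did what" readable after redaction.
        return ip_map.setdefault(candidate, f"[HOST-{len(ip_map) + 1}]")

    text = CRED_RE.sub(r"\1\2[REDACTED]", text)  # credentials first
    text = IPV4_RE.sub(_ip, text)                # then addresses
    return text, ip_map


if __name__ == "__main__":
    redacted, mapping = redact_report(SAMPLE)
    print(redacted)
    print(mapping)  # keep this mapping private; it reverses the redaction
```
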
By deleting the info, what the so-called "security companies" are doing is depriving the legitimate business owners of a way to beef up their own security measures by learning from the mistakes of Target.
(Public key cryptography for credit cards)
I think you've more-or-less described the EMV standard, which is widely used pretty much everywhere except the USA.
http://en.wikipedia.org/wiki/E...
I just bought some food by credit card, and the receipt says:
Visa Credit £6.34
[ICC] **** **** **** 3435
AID: A0000000013039
PAN SEQUENCE: 03
MERCHANT: **41872
AUTH CODE: 146972
PIN Verified
I have a smart card reader for validating online banking transactions; I think the administration and transport costs were probably more than the cost of the reader -- the bank sent it for free. The card has NFC; for low-value transactions (under £20, I think) I can pay contactlessly without a PIN. London is trialling accepting this for train/underground travel; it's already accepted for buses.
My card still has a magnetic strip, but I don't think it's ever been used.