Blog

Blog

Home Depot – Right on Target? Not Quite.

The Home Depot breach could have been much, much worse. And the emerging details surrounding the breach have taken on a theatrical air. Similar Tactics, Different Haul In many ways, the breach perpetrated on Home Depot rings familiar to watchers of the Target breach. Point-of-Sale, or POS, machines were compromised by a version of the same BlackPOS malware used to infiltrate Target. Unlike that breach this attack had time to get nestled in as hackers skimmed data undetected from April

Read More >

The Target Breach Eight Months On – Who were the Biggest Losers?

Target was one of the largest victims of recent security breaches until the recent Home Depot breach this past September. Before we look at the Home Depot’s perfect security storm (tune back next week!), let’s review Target’s timeline. Timeline Target, like several other retailers was hacked not by approaching the central, well-secured network, but by coming up from the roots. Hackers installed malware on the Point-of-Sale machines in 1,800 stores using a program called BlackPOS – one that would later

Read More >

MITM

Bypassing Passwords with Man-in-the-Middle

MITMMan-in-the-middle is a type of attack used by spy organizations and professional criminals alike to bypass passwords, steal login information, record private messages, move funds… Essentially, man-in-the-middle attacks can have an effect on any aspect of web-traffic. They are invisible and very difficult to detect. How it works: Normal web traffic should flow from a user’s computer (Point A) to a web app or service (Point B). The response then flows back. Man-in-the-middle attacks exploit the space between those points to

Read More >