The holiday season brings cheer, tears and fear of the next PoS malware. Just this week, two PoS malware discoveries were published: "Pro PoS" and "ModPOS". Don't let PoS malware affect your retail sales; stay protected from these strains and from future malware that may hit this holiday season.
Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.



PoS Malware

Underground forums are pushing a new strain of malware, “Pro PoS”, to hit vulnerable retailers just in time for the holiday season. Also newly discovered is a PoS malware that has gone undetected for 3 years, termed ModPOS. The prefix “Mod” refers to its modular structure, in which an undetermined number of modules form a malicious bundle of undetectable elements.

Why is this significant?

  1. According to InfoArmor, Pro PoS is 76KB and contains a potent strain of malware that includes rootkit functionality, mechanisms to throw off antivirus analytics and a polymorphic engine that creates different signatures. This point-of-sale malware was created by eastern European threat actors whose current targets are retailers and SMBs located in the U.S. and Canada.
  2. Researchers at iSIGHT, who discovered ModPOS, say that this particular malware is so sophisticated that it has a “modular code base that places a very heavy emphasis on obfuscation and persistence.” Detection of ModPOS is difficult because the technical details differ for each target. For example, if data (credit/debit) sent from an infected device is determined to be valuable, the malware's C&C server instructs the downloader to retrieve other modules, depending on the infected system’s technical makeup.
  3. With technical breakdowns of ModPOS scarce, enSilo researchers have broken down its capabilities here: http://breakingmalware.com/malware/a-technical-breakdown-of-modpos/

Read the full story on The Register

**enSilo customers are protected from Pro PoS and ModPOS**

Cost of Breaches

The FCC had to get involved for the first time ever with a cable provider, Cox Communications. The breach occurred in August 2014, and Cox Communications failed to report it within 7 days as required by law.

Why is this significant?

  1. Cox Communications is settling for a reported $595,000 civil penalty. In addition, the Enforcement Bureau will be monitoring a new comprehensive compliance plan that includes an information security program with annual system audits, internal threat monitoring, penetration testing, and additional breach notification systems and processes to protect customers' personal information and proprietary network information.
  2. The cost of breaches is adding up for companies such as Target. The 2013 Target breach, which exposed 40M credit/debit cards to fraud, is still being worked out in court. Target agreed to settle claims costing $39M to financial institutions, of which $20.3M is divided among settlement class members and $19M goes to MasterCard’s Account Data Compromise program. In August, Target’s settlement with Visa amounted to a $67M agreement. There was also a $19M settlement with MasterCard that did not go through. According to the earnings report, the net expense is $162 million, with the actual total grossing at $191M, with an offset of $46M from insurance.

Read the full story on ZDNet

Cybersecurity Awareness

Reviewing the biggest retail data breaches and learning from the past will make for a better future for enterprise initiatives in the cyber landscape.

Why is this significant?

  1. The lesson to be learned: if a database contains any form of sensitive or private information, invest in more advanced and modern forms of cyber security. A good rule of thumb is that all companies, big and small, are targets for malicious activities. While the bigger the company, the bigger the risk, smaller companies are also at risk. Invest in cyber security before the inevitable happens and sends your company into media headlines that will affect your bottom line.
  2. Security education and cyber hygiene are great initiatives for an enterprise, although there will ALWAYS be holes in cyber infrastructures. Prevent the consequences and invest in modern technology that generates just one alert per active threat. Looking forward, exfiltration prevention is the newest approach to keeping threat actors from exposing sensitive data.

Read the full story from WorkFlow Studios