Many experts continue to speculate on why it took so long for Heartland to identify and disclose the breach. According to the Storefront Backtalk report, the payment processor revealed the breach was first discovered in late October or early November, whereas previous statements indicated that it was only in the fall. The company has had two outside forensics teams and the Secret Service working on the problem for more than two months, and yet the “sniffer” software used to collect the data was located only last week.
Heartland Payment Systems acts as a payment gateway for credit card transactions for over 250,000 businesses. At some point a sniffer was installed in their data center intercepting all transactions. Some media outlets are calling this the “largest data breach ever”. They process “100 million credit card payments a month and more than 4 billion transactions per year” but currently have no idea when the malicious software was installed.
The case against Connecticut substitute teacher Julie Amero has finally come to a close. Prosecutors dropped the felony charges against her, but the agreement called for a guilty plea to a misdemeanor charge of disorderly conduct and surrender of her state teaching credential. Amero had previously been convicted of endangering minors and faced 40 years […]
A Cisco-commissioned study found that employees at businesses in 10 countries around the world are often unaware of their companies’ security polices, or the employees ignore the policies because they hinder productivity. When surveyed about whether their companies had security policies, there was a 20 to 30 percent gap between responses from IT professionals and […]
FoxNews (not one of my normal news sites… I promise) just posted a story entitled “World Bank Under Cyber Siege in ‘Unprecedented Crisis’“. The details are fairly chilling and include some amazingly upbeat quotes like… “While it remains unclear how much data has been pilfered from the bank, it’s a lot. According to internal memos, […]
Arpwatch is an amazingly useful tool that promiscuously listens on a specified interface for arp broadcasts. It takes what it learns and saves the the output in a database for later reference in the following format. mac_address ip unix_date/time hostname It will take any changes/additions and log them to /var/log/messages as well as optionally emailing […]
It would be funny if it weren’t so damn plausible. 🙂 Diebold Accidentally Leaks Results Of 2008 Election Early
I got my IPhone the day after the last post I made. I must admit it was worth the wait and by the far the coolest device ever created by humans. Now all I need is SSH and RDesktop clients for. They have VNC and mainframe/midrange term-emulation, so it can’t be far off.
My wife and I waited in line early morning the day of the IPhone 3G launch. By the time we got in the AT&T store they had sold out of all 16gig models so they put them on order for “direct fulfillment”. She got the white model and received hers two days ago. I got […]
Missy and I hopped in the line at our local AT&T store this morning at 7am to try and get ourselves two iPhone 3Gs (16gig). At this point the line already wrapped around the side of the building. We finally got into the store at about 11am to find that they had sold out of […]