The cybercriminal group tied to numerous payment card breaches including Goodwill and best known by its so-called “RawPOS” malware employed legitimate user credentials to access its targets’ networks. No 0days. No spearphishing. Tim Erlin, director of security and product management at Tripwire have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :
“Using legitimate credentials is a good way to avoid getting caught. When these third-party providers are breached, it’s not their names that end up in the headlines, but the major brands affected instead.
Point-of-sale system security is a challenge for many retailers because criminals have dedicated significant resources to compromising them. Watching the network for malware simply isn’t enough. When attackers are impersonating legitimate users, organizations need to monitor all aspects of the system, from the network to each and every endpoint.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.