Point-of-Sale Terminals Compromised at 63 Barnes & Noble Locations

UPDATE – America’s largest book retailer, Barnes & Noble, announced this morning it has detected evidence of tampering in 63 PIN-pad devices used in as many stores by criminals trying to steal payment card information. Barnes & Noble claims to have disconnected all the affected devices from service on Sept. 14. The retailer did not disclose how many customers may have been affected by the tampered devices.

Judge Rules Against Consumers’ Claims in PlayStation Hack Lawsuit

A Southern California judge has rejected several key claims in a class-action lawsuit filed in response to Sony’s handling last year of a data breach that left millions of users at risk.In a ruling released by Courthousenews.com, U.S. District Court Judge Anthony Battaglia ruled users did not have an expectation of “perfect security” when they signed on with the company’s PlayStation Network.

Generations of hobbyists hardware hackers have spent countless hours messing with piles of radio gear, happily tinkering away in garages and basements looking for new ways to connect to people around the world. Now, a researcher has put together a new radio called HackRF that is a kind of all-in-one hacker’s dream with functionality to intercept and reverse-engineer traffic from a wide range of frequencies and sources.

A zero-day vulnerability in Novell ZENworks Asset Management Software 7.5 gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credentials in clear text, according to Rapid7 exploit developer Juan Vazquez who discovered the vulnerability and wrote an exploit module for Metasploit

Security researchers and hackers have spent the last 20 years or so tearing apart all manner of software and hardware, looking for vulnerabilities, attack vectors and bugs, and the advent of embedded and implantable devices has now drawn their attention to this new class of targets. Medical devices, both implantable and external, have become the subjects of quite a lot of research lately, and the results are not encouraging. 

Scared is a strong word, but the reality, according to a Websense analysis by Patrik Runald, is that spear-phishers, like the ones that compromised a White House network last week, are implementing new evasion tactics, fundamentally changing their attack strategies, and revolutionizing the targeted threat model, giving business executives plenty of reason to worry.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.