Target breach



There are stack buffer overflows in two components of a Honeywell point-of-sale software package that can allow attackers to run arbitrary code on vulnerable systems. The vulnerabilities lie in the HWOPOSScale.ocx and HWOPOSSCANNER.ocx components of Honeywell’s OLE for Retail Point-of-Sale package, which is designed to help integrate PoS hardware with Windows PoS systems. Versions of the Honeywell […]

Malware capable of infecting point-of-sale devices once was a novelty, but it’s quickly becoming more common. Researchers at Arbor Networks have unearthed a new strain of PoS malware called Soraya that can scrape memory and has the ability to intercept information sent from Web forms, a specialty of the Zeus malware family. Soraya also has […]

Dennis Fisher and Mike Mimoso talk about the big security stories of the last couple of weeks, including the developments in the Target data breach, the president’s speech on NSA surveillance reforms and SCADA security woes.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.