Device Hardening and Continuous Compliance Monitoring

Research from IntelCrawler reveals electronic kiosks and ticketing systems, typically for public transport systems, are being targeted by the “d4re|dev1|” malware.

This advanced backdoor malware provides remote administration capabilities, RAM scraping and keylogging features designed to infect a ticketing network and steal payment card data.

One of the findings from the research is that ticketing terminals are sometimes being used inappropriately by staff, for example, for general web surfing, e-mail and social network interaction. This provides multiple opportunities for either unintended or intentional infection of the ticketing terminal.

"These cases have a common denominator of weak passwords and logins, many of which were found in large 3rd party credential exposures"

Standard PCI DSS security best practice is to limit device functionality to its minimum, so browser software should be disabled or removed if not required, and firewalling should be used to restrict web access for any POS systems unless necessary. Similarly, POS file integrity monitoring should be used to maintain system integrity and detect malware activity.
