Midwestern U.S. retailer Hy-Vee disclosed investigation findings this week from a data breach announced in mid-August impacting millions of customers utilizing its food and service point-of-sale (PoS) transaction machines. The investigation identified the operation of malware designed to access payment card data from cards used on PoS devices at certain Hy-Vee fuel pumps, drive-thru coffee
With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features. Below
A new attack is found that uses MySQL as part of the attack chain in a GandCrab ransomware infection. A new type of attack by the pervasive GandCrab ransomware could open the door to more juicy targets — database servers. Researchers at Sophos Labs discovered a new attack using GandCrab against one of its honeypots.
More fallout from the compromise of Asus’s automated software update. When a platform is attacked, there are well-practiced tools and strategies for response. When servers that provide software and firmware updates get hit as in the recent ShadowHammer attack that hit Asus and its customers, remediation can be much more of a challenge technologically and behaviorally.
ShadowHammer campaign latest to highlight dangers of supply chain attacks.
Taiwanese computer maker ASUS may have inadvertently distributed malware to over 1 million users of its systems worldwide after attackers compromised software update servers at the company last year, Kaspersky Lab said in a report Monday. Available telemetry shows the attackers planted the malware,