Target’s data breach last December was the second largest in U.S. history, with more than 100 million people affected. Now it is reported that the huge hacking attack may have started with just one email.
KrebsOnSecurity has published a report that the hackers accessed Target’s network by using authentication gained from a heating and ventilation subcontractor.
The contractor, once infected by malware spread by the attackers, left the virus undetected due to its anti-malware protection being a scan-only program with no preventative firewall.
Shotgun blast When an order was placed by Target, the vendor had to log into a Target portal to confirm, connecting the two systems and spreading the infection.
Krebs states that the hackers may not have initially made Target its primary goal, but sent malicious emails out ‘like a shotgun blast’ to see who would be infected. Once the contractor had been infected and then spread the malware to Target, the hackers went to work.
Target made the job no harder, too, according the report, with easy to glean domain names and user info posted onto its dedicated websites. Investigations into the breach continue.
Via ArsTechnica * Target point-of-sale machines infected with malware
Square launched Square Cash last fall as a simple way to send money to people via email. All you have to do is send the recipient an email with the amount in the subject line and Cc: firstname.lastname@example.org. As mentioned
Ask and you shall receive Mobile payments company Square announced that users of Square Cash, the company’s personal payment app, can now use the service to charge individuals or groups through the app or via email. For example, someone collecting money for an upcoming birthday party could send out payment requests to partygoers See also: 10 Startups to Watch in 2014 Users can request cash from as many as 25 people at one time, and anyone already signed up on Square Cash can pay off requests with the click of one button. Users who haven’t used the app or service before will need to provide debit card information in order to make payments Read more…
More about Square, Mobile Payments, Startups, Tech, and Apps Software
fplatten writes “I would definitely call this unethical manipulation of the ratings system: the Worst Company in America, EA is routing all ratings made in game of 1 to 4 stars as an email that is sent to EA, but all 5 star ratings are routed to the Google Play store where it’s rating is currently 4.3 out of 5.”
Read more of this story at Slashdot.