<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>For those of you not aware of the Target point-of-sale terminal data breach that occurred here in the United States recently, this information may be of some interest. Of relevance to us is the fact that the potential for malware on browser and CA/RA systems continues to be a threat and that all authentication and data communication mechanisms for enterprise systems need to use PKI and be well-engineered with security in mind.<o:p></o:p></span></p><div><div><div><pre><span style='color:#1F497D'><o:p> </o:p></span></pre><pre>--Target Says Malware Found of Point-of-Sale Terminals<o:p></o:p></pre><pre>(January 12 & 13, 2014)<o:p></o:p></pre><pre>Target is now acknowledging that there was malware on its point-of-sale<o:p></o:p></pre><pre>terminals. In addition, the breach, already one of the largest known<o:p></o:p></pre><pre>breaches of payment card data to date, affected as many as 110 million<o:p></o:p></pre><pre>Target customers, nearly three times the initial estimate. Target CEO<o:p></o:p></pre><pre>Gregg Steinhafel says the company is planning "significant changes" in<o:p></o:p></pre><pre>response to the breach, but did not elaborate.<o:p></o:p></pre><pre><a href="http://www.scmagazine.com/target-ceo-confirms-malware-on-pos-machines-talks-chip-cards/article/329166/" target="_blank">http://www.scmagazine.com//target-ceo-confirms-malware-on-pos-machines-talks-chip-cards/article/329166/</a><o:p></o:p></pre><pre><a href="http://news.cnet.com/8301-1009_3-57617106-83/target-confirms-malware-used-on-point-of-sale-terminals/" target="_blank">http://news.cnet.com/8301-1009_3-57617106-83/target-confirms-malware-used-on-point-of-sale-terminals/</a><o:p></o:p></pre><pre><a href="http://krebsonsecurity.com/2014/01/target-names-emails-phone-numbers-on-up-to-70-million-customers-stolen/" target="_blank">http://krebsonsecurity.com/2014/01/target-names-emails-phone-numbers-on-up-to-70-million-customers-stolen/</a><o:p></o:p></pre><pre><a href="http://www.computerworld.com/s/article/9245330/Update_Breach_exposes_data_on_110_million_customers_Target_now_says?taxonomyId=17" target="_blank">http://www.computerworld.com/s/article/9245330/Update_Breach_exposes_data_on_110_million_customers_Target_now_says?taxonomyId=17</a><o:p></o:p></pre><pre><a href="http://ca.news.yahoo.com/target-planning-quot-significant-changes-quot-data-breach-043426651--sector.html" target="_blank">http://ca.news.yahoo.com/target-planning-quot-significant-changes-quot-data-breach-043426651--sector.html</a><o:p></o:p></pre><pre>[Editor's Note (Murray): This is simply not a coherent report. "CCVs,"<o:p></o:p></pre><pre>and "names and addresses" do not appear at the "point-of-sale" while<o:p></o:p></pre><pre>"PINs" are in the clear at the point-of-sale. Moreover contaminating<o:p></o:p></pre><pre>enough point-of-sale devices to compromise more than a 100 million cards<o:p></o:p></pre><pre>in two weeks would seem a daunting task. It seems far more likely that<o:p></o:p></pre><pre>the payment card processing system was compromised but six weeks after<o:p></o:p></pre><pre>the event, we are left with as many questions as answers. Steinhafel may<o:p></o:p></pre><pre>be the right executive to assure us of Target's good intentions but not<o:p></o:p></pre><pre>the one to enlighten us as to what happened.]<o:p></o:p></pre><p class=MsoNormal> SANS NewsBites Vol. 16 Num. 004<br><br><o:p></o:p></p></div></div></div><p><o:p> </o:p></p></div></body></html>