Hackin9
A new Coinye logo that's been, ahem, floating around.

The most high-profile hack in recent months has no doubt belonged to mega-retailer Target, which suffered the theft of over 40 million credit card numbers around Thanksgiving. The hack is still being investigated, but independent journalist Brian Krebs discovered "memory-scraping" malware hiding on Target's POS this week. You can find all the details in Dan Goodin's story, Point-of-sale malware infecting Target found hiding in plain sight.

Ars readers, of course, had plenty of theories as to how that malware got there. nijave wrote, "The registers probably either network boot or periodically contact a server to check for updated versions automatically. I'm guessing they compromised the server that the POS systems boot/get updates from. That system is probably fairly easily accessible. Running a network vulnerability scanner probably would find an exploitable server they could install their command and control server on. This could have been one of the inventory management servers the registers are allowed to communicate with."

Spazmodica had a more big-picture view: "Target got completely hosed on this. There definitely seems to be an insider element, plus a fair amount of incompetency. But aside from some IT staff who will lose their jobs, the only harm is to the consumers whose data has been compromised. The corporation itself won't face any real consequences, since it's perfectly legal to lose consumer data in the USA (unless it's medical data), and of course here in America corporate executives are never held accountable for anything." And Scallywag quipped, "POS systems are, indeed, well named."

Read 12 remaining paragraphs | Comments

 
The so-called "Internet of Things" will be littered with multiple, warring, incompatible standards and systems for connectivity, making it very unlike the actual Internet, which is a shame, writes columnist Mike Elgan.
 
CIOs are waiting anxiously for Microsoft to pick a new CEO, but they don't mind that it's taking its time; the way they see it, Microsoft can't afford to make a mistake in the selection process.
 
Cybercriminals have stolen payment card data from six more U.S. retailers using similar point-of-sale malware that compromised Target, a computer crime intelligence company said Friday.
 
Internet Storm Center Infocon Status