PoS Flaws Allow Hackers to Steal Card Data, Change Prices

Eduard Kovacs | August 25, 2017

PoS Flaws Allow Hackers to Steal Card Data, Change Prices
Point-of-sale (PoS) systems developed by SAP and other vendors have serious vulnerabilities that can be exploited by hackers to steal payment card data from the targeted organization’s network and change the price of items they want to purchase. Researchers at ERPScan discovered that SAP’s POS product, which is part of the company’s SAP for Retail offering, was affected by several flaws. Specifically, the system’s server component, Xpress Server, lacked important authorization checks for critical functionality.

Spotlight

Software developers need to fundamentally rethink the coding process to include an explicit focus on the privacy and security aspects of their code rather than simply regarding it as an afterthought.
A globally recognized application security expert, Dan Cornell has over 15 years of experienc


Other News
DATA SECURITY

Cowbell Cyber Unites Cybersecurity Giants and Cyber Insurance Industry with Launch of Cowbell Rx

Cowbell Cyber | September 21, 2021

Cowbell Cyber, the industry's first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced the launch of its cyber risk exchange marketplace, Cowbell Rx. Cowbell Rx closes insurability gaps by providing cyber insurance applicants with resources to meet eligibility requirements while also enabling active policyholders to continuously improve their organization's risk profile. This comprehensive list of partners is the first of its kind in the cyber insurance industry. Cyberattacks continue to proliferate and damage business operations, with predictions that new attacks will happen every 2 seconds by 2031. However, cybersecurity and c...

Read More

DATA SECURITY

Cynalytica Delivers New Solution to Help Combat Cyber Threats to Maritime Navigation and Communication Systems

Cynalytica | September 20, 2021

Cynalytica Inc. announces its SerialGuard AnalytICS Platform now offers monitoring, deep packet inspection (DPI) support, and intrusion detection for legacy NMEA protocols. Its latest extension provides enhanced situational awareness and security to vulnerable maritime Industrial Control Systems (ICS) through NMEA-specific packet evaluations, analysis, and intrusion detection capabilities. "In addition to the serious threats posed to their OT network, one of the maritime industry's biggest security challenges today is the protection of their navigation and communications systems from persistent cyber threats. Vessels are increasingly vulnerable to cyber attacks that c...

Read More

SOFTWARE SECURITY

IPKeys Power Partners Announces New Grid Cyber Security Breakthrough

IPKeys | September 09, 2021

IPKeys Power Partners, the leading cybersecurity, cyber compliance, and smart grid technology company, announced today the release of its groundbreaking SigmaFlow Beacon platform to provide utilities, generators, and grid operators a simple, unified solution for cybersecurity monitoring and compliance requirements. The SigmaFlow Beacon platform is built specifically to help organizations align with North American Electric Reliability Corp. (NERC) compliance mandates. It provides NERC registered entities with a single solution to advance, simplify and improve existing cybersecurity and monitoring requirements. "We are pleased to provide utilities, generators...

Read More

PLATFORM SECURITY

Stellar Cyber Partners with SonicWall for Advanced Prevention, Response

Stellar | September 08, 2021

Stellar Cyber, the innovator of Open XDR, the only intelligent, next-gen security operations platform, announced today that it has joined the SonicWall SecureFirst Partner Program to integrate Stellar Cyber’s advanced threat detection and response with SonicWall’s award-winning prevention technology. This combination of prevention, detection and response provides an outstanding platform for enterprises that want to stop many attacks before they occur while detecting and remediating complex threats. “As a customer of both SonicWall and Stellar Cyber, it’s great to see these two solutions working together,” said Michael Crean, CEO of Solutions Grant...

Read More

Spotlight

Software developers need to fundamentally rethink the coding process to include an explicit focus on the privacy and security aspects of their code rather than simply regarding it as an afterthought.
A globally recognized application security expert, Dan Cornell has over 15 years of experienc

Resources

Events