Overview
Explore the world of point-of-sale security in this 59-minute Black Hat conference talk. Delve into the recent surge of point-of-sale breaches and understand why many organizations remain vulnerable to simple exploits. Learn about compromise methods from both retailer and software vendor perspectives, with a focus on the challenging issue of memory scraping. Witness a demonstration of memory scraping techniques and discover effective mitigation strategies. Journey through various security concepts, examining both ineffective and promising approaches without naming specific vendors. Cover topics such as architecture, credit cards, e-commerce, retail environments, cyber intelligence, malicious software, sandboxing, operating system obfuscation, and security layers. Gain insights into advanced threats like cashier-initiated hacks and Rubber Ducky attacks. Conclude with a comprehensive summary and engage in a Q&A session to deepen your understanding of point-of-sale protection.
Syllabus
Introduction
Architecture
Credit Cards
ECommerce
Retail Environment
Threads
Memory Scraper
Credit Card
Demo
Cyber Intelligence
Screenshot
Black Pause
Malicious Software
Visit of Offer
PIN
Response
Sandboxing
Normal Detection
Operating System Obfuscation
Solutions
Security Layers
Drivers
Family Signing
Obfuscation
Predicting
Memory squaring
Cashier is hacker
Rubber Ducky
Summary
Questions
Taught by
Black Hat