Iran-linked #Handala hackers claim cyber attacks on Stryker and Verifone. Stryker confirms a network disruption while Verifone says it found no evidence of a breach. Hackers say PoC for the alleged attack is coming soon.

Read: https://hackread.com/iran-handala-hackers-verifone-stryker-hacks/

#CyberSecurity #CyberAttack #DataBreach #Stryker #Verifone #Iran

For those who have read #Handala's claims that they hacked #Verifone, Verifone sent me the following statement:

"Verifone closely monitors the security and integrity of its systems worldwide. We have observed recent allegations on March 11, 2026 from threat actors claiming an intrusion into our systems in Israel. Verifone has found no evidence of any incident related to this claim and has no service disruption to our clients."

#databreach

Handala is claiming Verifone today as well.

#verifone #breach

so...I wanted to tell you a story about a client I had when I was 15/16. a family client, to be procise.
so we used to have this ruby supersystem. now if you worked in convenience back then, this was your POS system, because we still had a dialup connection back then. believe it or not, this was deployed back in 2021/2022 where we were.
it was offered by #verifone and worked pretty well, it had a terminal with cereal ports.
now when the power went out, the thing would stop working. if you attempt to call verifone, it would not help at all. they wouldn't even give you dialin support, and those that tried to diagnose it couldn't. it used volatile memmery, the same ram used in projects like tails OS for secure systems. it had no backup, we didn't have the verifone PCM CIA card to back things up.
at the end of the day, we had to call a guy from (redacted) which was hundred miles away to get it fixed. he was pissed, but friendly nonetheless. he knew how to service the thing. probably the only person in the state of (redacted) thatk nows how to work it, probably one of theo nly ones remaining.

fast-forward to 2023 and we had a new system. i'd like to imagine it was the verifone ruby2 which is the successer to the supersystem. now this one was a touch screen, and I think there was the verifone commander, which is basically the controller.
so the clients convenience store was not owned directly y them, they were owned by a different company, she just managed it.
they had an IT company eventually come in and put in a brand new ump system.
so I ask the person doing it, because I need to know how this works, "what remote configuration software do you use? if we can't get the system to work, what do we do?"
and he tells me we use, weight for it....
....
#teamviewer remote support.
what, the, fuck?
now I couldn't say much because I wasn't the IT guy that did that, I was just kinda the basic IT guy. but I knew one thing for sure: TeamViewer was an extremely bad idea! if someone got into the network via a TeamViewer ID, they could've walked right into the system.
keep in mind, they didn't even have a dedicated IP for the box. in fact , it was running off that clients normal ISP router.
that's how bad it was.
I think even someone like @kkarhan would've probably said the same thing, bad idea.
if you put TeamViewer on any critical infrastructure, IT company or not, you need to not exist anymore. should be a corporate death penalty right there!
I was on site every day, they could've gave me some commands or a manual to work with, but nooooooo, they insisted "sorry, we have to do it, not you".

Сенсорный пин-пад и как он работает

Приветствую всех! Ещё пару лет назад Android POS и прочие платёжные терминалы с сенсорным экраном вместо традиционной клавиатуры были у нас редкостью. Но всё меняется, и вот уже обычные терминалы во многих магазинах навсегда ушли в историю. Меня неоднократно спрашивали, каким образом осуществляется защита ключей в таких устройствах и есть ли она вообще, так что я раздобыл несколько таких девайсов, дабы окончательно с этим разобраться. Итак, в сегодняшней статье поговорим про Android POS и про то, чем такие девайсы отличаются от обычных терминалов. Заодно разберём такой экземпляр и посмотрим, как он устроен и какими методами защиты обладает.

https://habr.com/ru/companies/timeweb/articles/855826/

#timeweb_статьи #verifone #ingenico #telpo #aqsi #pos #эвотор #касса #ккм #пинпад #тампер #ключи #3des #pin #терминал #троллейбус_из_буханки_хлеба

Der Ausfall der #Verifone #H5000 Kartenterminals ab 24.5.2022 scheint wohl beseitigt

https://www.borncity.com/blog/2022/07/31/ausfall-der-verifon-h5000-kartenterminals-wohl-weitgehend-behoben-juli-2022/