In reply to Anonymous. non rekvalite sitems uniti problems v doskonalenie sistemi kattorie bolhe net na simle besapas...
https://blogs.cisco.com/security/talos/poseidon#comment-2311960
To answer the question about how stations get infected. Many POS malware infections start with insecure remote access. For example, over the past 12 months, LogMeIn was used insecurely by several...
https://blogs.cisco.com/security/talos/poseidon#comment-2301657
In reply to Douglas Held. Correction; service name "WinHost"....
https://blogs.cisco.com/security/talos/poseidon#comment-2299954
Authors, thank you for this well written information. I'm really interested to know whether the Loader service stays resident once the attack is underway? In that case, I think the simplest way t...
https://blogs.cisco.com/security/talos/poseidon#comment-2299897
Can you please provide MD5 Hash for IOC's above?
https://blogs.cisco.com/security/talos/poseidon#comment-2299655
In reply to Marpos. Likely USB or the like, you'd be surprised how effective localized infection vectors can be. Ask ...
https://blogs.cisco.com/security/talos/poseidon#comment-2296693
Mildar is on point. How is this malware propagating? What's the attack vector.
https://blogs.cisco.com/security/talos/poseidon#comment-2292040
How does these PoS systems get infected? It is uncommon to search web pages or receive emails on Pay terminals. So USB? (not very effective?) or not updated system -> exploit?
https://blogs.cisco.com/security/talos/poseidon#comment-2291033
In reply to Joel. You mean google wallet?
https://blogs.cisco.com/security/talos/poseidon#comment-2290705