Heartland Sniffer Hid In Unallocated Portion Of Disk

[Arshad Noor <arshad.noor@strongauth.com>]

"The sniffer malware that surreptitiously siphoned tons of payment card 
data from card processor Heartland Payment Systems hid in an unallocated 
portion of a server’s disk. The malware, which was ultimately detected 
courtesy of a trail of temp files, was hidden so well that it eluded two 
different teams of forensic investigators brought in to find it after 
fraud alerts went off at both Visa and MasterCard, according to 
Heartland CFO Robert Baldwin".

http://www.storefrontbacktalk.com/securityfraud/heartland-sniffer-hid-in-unallocated-portion-of-disk/

Here is another quote from the same article that speaks to the work that
the EKMI TC is doing; JD/Derol, since this is from a public site, I
imagine, some quote from this article in the flash-demo will be
considered appropriate use.  I particularly like the last sentence of 
the CEO's comment that speaks to the EKMI TC's vision.  (Jamie, can
you confirm that we would not be violating this site's copyrights by
using a quote (with a link to it) in our work?  Thanks).

"Heartland on Tuesday (Jan. 27) announced that it will be creating a new 
department [group] that will be “dedicated exclusively to the 
development of end-to-end encryption.”

“PCI is a good and effective standard, but the bad guys have become more 
sophisticated to the point where encryption of data in motion appears to 
be one of the next required steps. There is no single silver bullet that 
will secure payment systems, and constant vigilance and monitoring of 
the infrastructure will always be required,” Heartland CEO Robert Carr 
said in a statement. “Nevertheless, I believe the development and 
deployment of end-to-end encryption will provide us the ability to 
implement increasing levels of security protection as they become needed.”

Arshad