http://angelsofsecurity.com/blog Musings of an infosec renegade Fri, 03 Sep 2010 13:41:07 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 http://angelsofsecurity.com/blog/2009/12/10/ram-skimmers/ http://angelsofsecurity.com/blog/2009/12/10/ram-skimmers/#comments Fri, 11 Dec 2009 03:26:53 +0000 admin http://angelsofsecurity.com/blog/?p=545 In Verizon Business’ most recent data breach investigation report they mentioned a new class of malware which I’d never heard of before but found interesting – RAM scrapers. The basic idea is that they grab data straight from RAM. Verizon goes on the conclude that the recent increase in the use of encryption and limitations on what data can be permanently stored (mostly thanks to PCI), scammers have had to start looking to other areas to gain access to unencrypted data. I guess this shouldn’t really surprise anyone too much – we already know that for every measure there is another countermeasure. This is also another good example of Shamir’s third law of cryptography – “Cryptography is typically bypassed, not penetrated”.

]]> http://angelsofsecurity.com/blog/2009/12/10/ram-skimmers/feed/ 0