Hacking POS Systems

TASK Talk

Congratulations to our team at Security Compass for being accepted to present at TASK (Toronto Area Security Klatch) on November 30th at 6:00 PM. Jackson Thuraisamy and Jason Tran will be speaking about Hacking POS Systems. Here is an abstract of what they will be speaking about:

Hacking POS Systems

Hackers try to find the easiest ways to achieve the most impact. When it comes to credit card fraud, compromising Point of Sale (PoS) systems is the latest trend. The presenters will share their experience on how attackers can exploit both technical and policy gaps to breach organizations. This talk will cover approaches to physical security, kiosk breakouts, and the extraction of sensitive data. It’s laced with real-life examples, including a detailed discussion of recently disclosed critical vulnerabilities in Oracle’s hotel management platform.

For more information surrounding the disclosed critical vulnerabilities in Oracle OPERA, keep on the lookout later this month for Jackson’s post about it. His diagram for Sabotaging Cryptosystems is a great read until the post arrives.

About the Speakers

Jason Tran is a Security Consultant at Security Compass. Coming from a Computer Science background, his specialty lies in application security and identifying bugs in code reviews. For one of his notable achievements with an industry leader in online financial services, he has developed a Secure SDLC training program which is currently being used by the developers across the corporation today.

Jackson Thuraisamy is a Security Consultant at Security Compass. His combined experience in software development and security consulting has made him a specialist in compromising and defending application security. He likes to hunt critical vulnerabilities and plan targeted operations. He has also implemented an enterprise-wide secure SDLC initiative for a Fortune 100 client and taught defensive web security courses internationally.

Security Compass is a leading application security firm specializing in solving root application security problems for Fortune 500 companies. Our goal is to help you build secure software by seamlessly unifying your application security needs through eLearning, Security Requirements and Verification. Send us a message, we’d love to see how we can help you.