Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices. Vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware. Device owners should immediately apply the patches from the vendors, researchers say. The vulnerabilities in the default password settings as well as arbitrary code execution affect the devices, they say. An attack using the methods described in the paper is not likely, an expert says. Small businesses are unlikely to promptly apply POS patches, an analyst says.”]
Source: https://www.cuinfosecurity.com/pos-device-makers-push-patches-for-vulnerabilities-a-15598