MasterCard and Visa payment processor compromised, up to 10 million cards stolen

Card Terminal photo courtesy of Shutterstock

Brian Krebs is reporting that MasterCard and Visa are warning member-banks of a payment processor breach that may impact more than 10,000,000 credit cards.

It is important to note that MasterCard and Visa's own networks were not involved in the attack, it appears to be related to payment processor Global Payments.

Reuters is reporting that Global Payments stock was suspended for trading after falling more than 9% on the Nasdaq stock exchange.

Krebs reported that one of the financial institutions he spoke with had to cancel 56,455 credit cards, of which fraud was detected on 876, or 1.5%.

There is much speculation about the source of the breach as many are reporting that the majority of the fraud is occurring in the greater New York City area, yet cards are being cancelled around the country.

What is a payment processor? Payment processors provide merchants (stores) with access to payment brokering networks like MasterCard, Visa, American Express and Discover. The terminal that processes your card sends the details of the transaction to the payment processor to facilitate the purchase.

It is being reported that the attackers got "full Track 1 and Track 2 data". This is very bad as it would allow for the attackers to fully produce cards including the CVV/CCV code you often need to enter for online transactions.

Strangely, law enforcement contacts told Krebs they believe the breach is related to a Dominican gang in New York and primarily targeted corporate credit and debit cards.

Card statement image courtesy of Shutterstock

Fortunately consumers don't need to worry too much. Card issuing banks (Bank of America, Chase, etc.) are cancelling cards that are involved in the theft and card holders will not be held responsible for any fraudulent activity.

I wouldn't cancel my card or ask for a new one, but it would certainly be prudent to keep a close eye on your statements to be sure nothing suspicious shows up.

As we find out more details on how this heist came about, we will post information here. From the sound of it the card information sounds like it may not have been encrypted or they wouldn't need to cancel so many cards.

Credit card processing terminal image and card statement image courtesy of Shutterstock.

Cool Tool – AlarmVM


AlarmVM is used by VMware Administrators to detect problems in the VMware environment and proactively notify administrators. alarmVM is a 24/7 alarm monitoring tool that detects problems in VMware objects, including VMs, hosts, clusters, datastores and vCenter Servers. When alarm conditions are detected, alarmVM notifies VMware Administrators via email and/or SNMP trap.
  • alarmVM can be installed and set up to monitor a VMware environment in less than 20 minutes.
  • It automatically activates out-of-the-box alarms so an entire VMware environment is being monitored simply by registering a vCenter Server.
  • By default, alarmVM notifies all configured contacts about each alarm, eliminating the need to set up contacts for each alarm.
  • Using inheritable alarm policies, it is easy to change default alarm behavior on entire sets of vSphere objects (e.g. all VMs in a datacenter or all VMs in a folder).
  • A 30 day history of alarms is kept, so you can see what happened in the past. During this period, alarmVM shows graphs for metric-based alarms with the underlying detailed data that would not be available in vSphere Client.
  • alarmVM shows how alarms are trending so you can see if trouble is easing or mounting in your VMware environment.
alarmVM consists of a multi-tiered architecture consisting of an alarmVM Server, Web Clients, a Repository database and Monitored vSphere Servers.
  • alarmVM: The alarmVM Server performs two key functions. First, it collects data from the monitored VMware servers. Second, it presents web pages to alarmVM users and sends notifications (emails and SNMP traps) when alarm conditions are detected. It is installed on a server that has network access to the Repository and each of the monitored servers. Although this process performs many functions, it appears as a single process on the operating system.
  • alarmVM Repository: The Repository database instance is accessed by the alarmVM Server, and holds all of the collected alarm information. A default Repository is installed with alarmVM, but alarmVM can be configured to use another database instance for the Repository.
  • Monitored Servers: alarmVM’s agentless monitors remotely connect to each VMware vCenter Server or ESX/ESXi host and cause less than 1% overhead on the monitored systems. No software is installed in the vCenter Server, ESX/ESXi host or Virtual Machines. A vSphere user (aka monitoring user) with administrator privileges is needed for monitoring.
  • Web Browsers: alarmVM users view alarm data in a web browser. From this interface, users register VMware servers, configure alarms and contacts for alarm notification.

Cool Tool – IgniteVM

IgniteVM is used by database administrators to ensure service and availability of database instances running in VMware virtual machines. It shows the DBA what the database response time delays are, and what the contributing causes are at the instance, virtual machine, and physical layers. 

IgniteVM is a 24/7 monitoring tool, based on industry best practice Performance Intelligence and Wait-Time analysis methods. IgniteVM supports Oracle, SQL Server, DB2 LUW and Sybase databases across all operating systems, running in VMware vCenter Server or stand-alone ESX/ESXi host environments.

Wait-Time Analysis and Virtualization Visibility

Wait-time analysis is an approach to application and database performance improvement that allows users to see where users are waiting the most. Traditionally, database performance is measured in the number of events and hit ratios. While somewhat meaningful and easy to capture, these statistics do not reflect a relevant view of the end-user experience nor do they reveal with any precision where the problem originated.

IgniteVM gives DBAs visibility to see virtual server operation correlated with database instance wait-time analysis data. Assessing database performance without visibility leaves database administrators (DBAs) guessing about the root cause, hampering their ability to take action to address their most important user-oriented problems.

Free version of Veeam ONE

Veeam is pleased to offer a free version of Veeam ONE, its single solution for powerful, easy-to-use and affordable virtualization management. Now everyone can experience the benefits of realtime monitoring, change tracking, documentation and management reporting used by more than 50,000 VMware professionals.
Veeam ONE Free Edition includes all the core functionality of the full version of Veeam ONE, including full data collection, multi-user support, and a Microsoft SQL Server backend. There are no limits on the number of hosts, virtual machines (VMs), users or the size of your data archive. By simply installing a purchased license key, Veeam ONE Free Edition can easily be upgraded to the full version of Veeam ONE to gain these and other additional capabilities:
  • Alarm modeling and custom alarms
  • Full access to the knowledge base
  • Management of guest, host and vCenter processes
  • Historical change management beyond the most recent 24 hours
  • Microsoft Visio reports for multipathing, network, vMotion and datastore utilization
  • Automated report generation and distribution
This PDF details the features and differences between Veeam ONE Free Edition and the full version of Veeam ONE.

vCenter Operations Video – Drilldown & Alerts

Standard emoticons like :-) and ;-) are converted to images.

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.


To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

VMware vSphere Blog: Have you seen vBenchmark yet? Free tool for evaluating your virtualized infrastructure and comparing you to peers!

VBenchmarkScreen-tiff

vBenchmark is a free tool to measure the performance of a VMware virtualized infrastructure across three categories: efficient resource utilization, operational agility, and quality of service. Please visit labs.vmware.com/flings/vbenchmark to download the application.

vBenchmark directly queries existing vCenter Server data to provide a succinct set of metrics to help you measure and communicate configuration, activity and availability of your VMware virtualized private cloud.  vBenchmark takes a snapshot of configurations, tasks and events from vCenter Server databases and returns a succinct set of metrics in each category. Snapshots are a quick and easy way to communicate key measures within your organization.  As your private cloud evolves, measure changes over time by taking periodic snapshots and comparing your metrics. In addition, contribute your metrics to a community repository and in return, receive Peer Group benchmarks to see how your results compare. 

Key features of vBenchmark:
•    Retrieve metrics across one or multiple vCenter Servers
•    Include or exclude hosts at the Cluster level to further refine your analysis
•    Save queries and compare over time to measure changes as your environment evolves
•    Define your Peer Group by geographic region, industry and company size, then see how you stack up

What can you do with vBenchmark?
•    Easily collect and evaluate operational metrics on ongoing basis to gauge efficiency
•    Provide valuable insight to customers around their IT environment
•    Help identify promising areas for IT initiatives
•    Recommend products and services to improve areas to affect metrics

We continue to seek feedback from our user base as vBenchmark is downloaded and deployed. Please let us know your questions and concerns as they arise. We will listen to your feedback, prioritize requests and introduce new features and functions in the next release.

Thanks!