A week in security (August 19 – 25)

Credit to Author: Malwarebytes Labs| Date: Mon, 26 Aug 2019 15:38:39 +0000

A roundup of the latest cybersecurity news for the week of August 19–25, including Magecart attacks on poker software, a new Bluetooth vulnerability, continuing ransomware attacks on US cities, Bitcoin sextortion, and a look back at one researcher’s DEF CON experience.

Categories:

Tags:

(Read more…)

The post A week in security (August 19 – 25) appeared first on Malwarebytes Labs.

Read more

Magecart criminals caught stealing with their poker face on

Credit to Author: Jérôme Segura| Date: Tue, 20 Aug 2019 15:00:38 +0000

This blog post details the curious case of a web skimmer encountered in a poker application.

Categories:

Tags:

(Read more…)

The post Magecart criminals caught stealing with their poker face on appeared first on Malwarebytes Labs.

Read more

A week in security (July 29 – August 4)

Credit to Author: Malwarebytes Labs| Date: Mon, 05 Aug 2019 15:44:37 +0000

A roundup of security news from July 29 – August 4 including Capital One breach, Lord Exploit Kit, more Magecart skimming, ATM attacks, QR code scams, and Equifax payout.

Categories:

Tags:

(Read more…)

The post A week in security (July 29 – August 4) appeared first on Malwarebytes Labs.

Read more

No summer break for Magecart as web skimming intensifies

Credit to Author: Jérôme Segura| Date: Thu, 01 Aug 2019 15:00:00 +0000

Despite the heat, criminals are hard at work stealing credit card data from unaware shoppers. July marks a notable increase in web skimmer attacks over previous months.

Categories:

Tags:

(Read more…)

The post No summer break for Magecart as web skimming intensifies appeared first on Malwarebytes Labs.

Read more

A week in security (July 15 – 21)

Credit to Author: Malwarebytes Labs| Date: Mon, 22 Jul 2019 15:50:35 +0000

A roundup of cybersecurity news from July 15–21, including the Zoom camera vulnerability, Extenbro, Sodinokibi, Magecart, and cybersecurity challenges facing the education sector.

Categories:

Tags:

(Read more…)

The post A week in security (July 15 – 21) appeared first on Malwarebytes Labs.

Read more

No man’s land: How a Magecart group is running a web skimming operation from a war zone

Credit to Author: Threat Intelligence Team| Date: Thu, 18 Jul 2019 15:00:13 +0000

We take a look into a Magecart group’s web skimming activities, which are relying on a bulletproof-friendly host in battle-scarred Luhansk, Ukraine to provide cover for their activities, safe from the reach of law enforcement and the security community.

Categories:

Tags:

(Read more…)

The post No man’s land: How a Magecart group is running a web skimming operation from a war zone appeared first on Malwarebytes Labs.

Read more

Skimmer acts as payment service provider via rogue iframe

Credit to Author: Jérôme Segura| Date: Tue, 21 May 2019 15:38:42 +0000

Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.

Categories:

Tags:

(Read more…)

The post Skimmer acts as payment service provider via rogue iframe appeared first on Malwarebytes Labs.

Read more

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Credit to Author: Jérôme Segura| Date: Fri, 26 Apr 2019 16:06:12 +0000

Magecart threat actors upload their skimming code onto GitHub in the latest attack against Magento websites.

Categories:

Tags:

(Read more…)

The post GitHub hosted Magecart skimmer used against hundreds of e-commerce sites appeared first on Malwarebytes Labs.

Read more