FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops
We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops. Our data shows that the attack started on September 7, 2019. All of the impacted online shops are hosted on the cloud platform of the e-commerce service provider “Volusion,” one of the top e-commerce […] more…New Magecart Attack Delivered Through Compromised Advertising Supply Chain
by Chaoying Liu and Joseph C. Chen On January 1, we detected a significant increase in activity from one of the web skimmer groups we’ve been tracking. During this time, we found their malicious skimming code (detected by Trend Micro as JS_OBFUS.C.) loaded on 277 e-commerce websites providing ticketing, touring, and flight booking services as […] more…Are Your Online Mainframes Exposing You to Business Process Compromise?
by Roel Reyes (Senior Threat Researcher) Legacy mainframes are still used by enterprises to handle big data transactions across a range of industries, from financial institutions, telecoms, and internet service providers (ISPs) to airlines and government agencies. Why are they still in use? As the saying goes: “if it ain’t broke, don’t fix it”. But […] more…More information
- Lenovo Power Management Driver CVE-2019-6192 Local Buffer Overflow Vulnerability
- What to do when you are on the receiving end of a data breach
- Exploiting Google’s Chromecast
- Court: FTC can bring down the hammer on companies with sloppy cybersecurity
- This Samsung patent could solve the iPhone X’s notch problem
- State-Actors Likely Behind Singapore Cyberattack: Experts
- Developers leak benchmarks from the Apple silicon Mac transition kit
- Researcher Finds Malicious Web Shell on Facebook Server
- Literary-minded phishers are trying to pilfer publishers’ manuscripts
- Five Must-Haves for Enterprise Sync & Share Flexibility