FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops
We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops. Our data shows that the attack started on September 7, 2019. All of the impacted online shops are hosted on the cloud platform of the e-commerce service provider “Volusion,” one of the top e-commerce […] more…New Magecart Attack Delivered Through Compromised Advertising Supply Chain
by Chaoying Liu and Joseph C. Chen On January 1, we detected a significant increase in activity from one of the web skimmer groups we’ve been tracking. During this time, we found their malicious skimming code (detected by Trend Micro as JS_OBFUS.C.) loaded on 277 e-commerce websites providing ticketing, touring, and flight booking services as […] more…Are Your Online Mainframes Exposing You to Business Process Compromise?
by Roel Reyes (Senior Threat Researcher) Legacy mainframes are still used by enterprises to handle big data transactions across a range of industries, from financial institutions, telecoms, and internet service providers (ISPs) to airlines and government agencies. Why are they still in use? As the saying goes: “if it ain’t broke, don’t fix it”. But […] more…More information
- Facebook cookie case: Why even the ‘Like’ button infringes EU ‘informed consent’ privacy law
- Wenlock, Mandeville and you *
- Google ups bug bounty to $20,000
- Russia? China? Who Hacked Yahoo, and Why?
- Don’t wear your Google Glass or other wearables when watching a movie
- Serious MySQL authentication bypass vulnerability found – Metasploit module already released
- Redux: Metadata Matters
- Researchers trick Tesla’s Autopilot into driving into oncoming traffic
- Microsoft Windows Graphics Component CVE-2015-1645 Remote Code Execution Vulnerability
- Building Threat Intelligence to Detect APTs in Lateral Movement