Cybercriminals plan to make L7 routers serve card stealing code
One of the Magecart cybercriminal groups is testing a new method for grabbing users’ credit card info: malicious skimming code that can be loaded into files used by L7 …
payment cards
Flaws allow attackers to bypass payment limits on Visa contactless cards
Flaws that allow attackers to bypass the payment limits on Visa contactless cards have been discovered by researchers Leigh-Anne Galloway and Tim Yunusov at Positive …
Post-exploitation scanning tool scavenges for useful information
Philip Pieterse, Principal Consultant for Trustwave’s SpiderLabs, has demonstrated at Black Hat Arsenal Europe 2018 a new tool for penetration testers called Scavenger. …
New Magecart victims ABS-CBN and Newegg are just the tip of the iceberg
With the Magecart attackers compromising web shops left and right, online shopping is becoming a risky proposition. After Ticketmaster, British Airways and Feedify, two new …
Magecart presents an unprecedented threat: Here’s what you can do
Recently we learned that the previously disclosed Ticketmaster UK breach from a few weeks ago was not a one-off event but instead part of a widespread website digital credit …
Ticketmaster breach part of massive credit card skimming campaign
RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming …
Hackers steal payment card data of 5 million Saks, Lord & Taylor customers
Hackers have apparently managed to compromise the cash register systems at Saks Fifth Avenue and Lord & Taylor stores in the US and Canada, and have stolen payment card …
On-card biometric for contactless payments tested in first commercial pilots
Visa has initiated pilots with Mountain America Credit Union and Bank of Cyprus of a new EMV dual-interface (chip- and contactless-enabled) payment card, making these the …
How Magecart attackers monetize stolen payment card info
The Magecart campaign, aimed at compromising online shops with malicious JavaScript code to collects payment card info, is still going strong, and researchers have pinpointed …
Russian carding industry pioneer sentenced to 27 years in prison
32-year-old Roman Valeryevich Seleznev, aka Track2, has been handed the longest US hacking sentence to date: 27 years in prison. He was convicted in August 2016, of 38 counts …
Mastercard introduces cards that work with fingerprints instead of PINs
Mastercard has added fingerprint sensors to its payment cards, in an attempt to make face-to-face payments more convenient and more secure. How does it work? “A …
InterContinental confirms card data breach at over 1,000 locations
InterContinental Hotels Group (IHG) has reported last week that a huge number of their hotels in the US and Puerto Rico have been compromised with payment card …