A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.
Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.
Threat actors combine phishing with a web skimmer to create a devious scheme designed to lift credit card data from unaware shoppers.
Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.
A roundup of the latest cybersecurity news for the week of August 19–25, including Magecart attacks on poker software, a new Bluetooth vulnerability, continuing ransomware attacks on US cities, Bitcoin sextortion, and a look back at one researcher’s DEF CON experience.