Demystifying two common misconceptions with e-commerce security

HTTPS and iframe containers augment security, but are not a panacea for online shoppers and merchants.

Read more

Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt

On the latest episode of Lock and Code, we talk to reporters Seth Rosenblatt and Alfred Ng about the role of journalism in cybersecurity.

Read more

Credit card skimmer targets virtual conference platform

Criminals have gone after an online conference platform to steal credit card data from virtual attendees.

Read more

Mobile network operator falls into the hands of Fullz House criminal group

The Fullz House threat group has struck again, this time inserting a credit card skimmer into a mobile phone operator and seller.

Read more

New web skimmer steals credit card data, sends to crooks via Telegram

Criminals steal payment data from online shoppers by abusing the Telegram instant messaging API, inserting credit card skimming code.

Read more

Inter skimming kit used in homoglyph attacks

Threat actors load credit card skimmers using a known phishing technique called homoglyph attacks.

Read more

Credit card skimmer targets ASP.NET sites

This unusual web skimmer campaign goes after sites running Microsoft’s IIS servers with an outdated version of the ASP.NET framework.

Read more

Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files

This credit card skimmer hides in plain sight, quite literally, as it resides inside the metadata of image files.

Read more

Lock and Code S1Ep7: Sounding the trumpet on web browser privacy with Pieter Arntz

This week on Lock and Code, we talk to Pieter Arntz about web browser privacy—an often neglected subcategory of data privacy.

Read more

Credit card skimmer masquerades as favicon

Criminals register fake domain to hide their web skimmer as an innocuous image file.

Read more

Select your language