Credit card skimmer targets ASP.NET sites
This unusual web skimmer campaign goes after sites running Microsoft’s IIS servers with an outdated version of the ASP.NET framework.
Credit card skimmer masquerades as favicon
Criminals register fake domain to hide their web skimmer as an innocuous image file.
Criminals hack Tupperware website with credit card skimmer
This latest hack from Magecart threat actors was well planned and executed.
Lock and Code S1Ep2: On the challenges of managed service providers
On episode 2 of Lock and Code, we discuss the latest security news, including how to secure remote workers, security conferences cancelled because of coronavirus, and Google Play’s poor performance on stopping malware. Plus, we speak to two MSP representatives on the daily challenges of managing thousands of endpoints.
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level.
A week in security (December 30 – January 5)
A roundup of the previous week’s most notable security stories and events, including new web skimmer techniques, an explanation of edge computing, and more.
New evasion techniques found in web skimmers
As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.
There’s an app for that: web skimmers found on PaaS Heroku
Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.
The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT
Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.
Magecart criminals caught stealing with their poker face on
This blog post details the curious case of a web skimmer encountered in a poker application.
