Segway store compromised with Magecart skimmer
Magecart Group 12 is still alive and well in the latest attack against popular brand Segway.
Card skimmers strike Sotheby’s in Brightcove supply chain attack
Web skimmers gained access to a cloud video platform and used that access to perform a supply chain attack on Sotheby real estate sites.
Check your passwords! Synology NAS devices under attack from StealthWorker
Synology is warning users of its NAS devices to beware of brute force attacks from the StealthWorker botnet.
A week in security (May 10 – 16)
A roundup of the previous week’s most interesting secrurity stories alongside the very best of our own research, from May 10 – 16.
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity
This skimmer is using a hybrid approach to bypass detection and target vulnerable e-commerce websites.
Credit card skimmer piggybacks on Magento 1 hacking spree
It’s double trouble for Magento 1 sites when skimmers find themselves competing for resources.
Demystifying two common misconceptions with e-commerce security
HTTPS and iframe containers augment security, but are not a panacea for online shoppers and merchants.
Credit card skimmer targets virtual conference platform
Criminals have gone after an online conference platform to steal credit card data from virtual attendees.
Mobile network operator falls into the hands of Fullz House criminal group
The Fullz House threat group has struck again, this time inserting a credit card skimmer into a mobile phone operator and seller.
New web skimmer steals credit card data, sends to crooks via Telegram
Criminals steal payment data from online shoppers by abusing the Telegram instant messaging API, inserting credit card skimming code.