Criminals hack Tupperware website with credit card skimmer
This latest hack from Magecart threat actors was well planned and executed.
Lock and Code S1Ep2: On the challenges of managed service providers
On episode 2 of Lock and Code, we discuss the latest security news, including how to secure remote workers, security conferences cancelled because of coronavirus, and Google Play’s poor performance on stopping malware. Plus, we speak to two MSP representatives on the daily challenges of managing thousands of endpoints.
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level.
A week in security (December 30 – January 5)
A roundup of the previous week’s most notable security stories and events, including new web skimmer techniques, an explanation of edge computing, and more.
New evasion techniques found in web skimmers
As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.
There’s an app for that: web skimmers found on PaaS Heroku
Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.
The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT
Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.
Magecart criminals caught stealing with their poker face on
This blog post details the curious case of a web skimmer encountered in a poker application.
No summer break for Magecart as web skimming intensifies
Despite the heat, criminals are hard at work stealing credit card data from unaware shoppers. July marks a notable increase in web skimmer attacks over previous months.
Magecart skimmers found on Amazon CloudFront CDN
Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet, they are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.
