A week in security (December 7 – December 13)
A roundup of cybersecurity news from December 7 – 13, including tax scams, FireEye breach, K12 security, and many other topics.
Fintech industry developments, differences between Europe and the US
The developments in fintech differ between regions due to legislation. How does that effect the industry and the safety of their customers?
Credit card skimmer targets ASP.NET sites
This unusual web skimmer campaign goes after sites running Microsoft’s IIS servers with an outdated version of the ASP.NET framework.
Important tips for safe online shopping post COVID-19
Online shopping can be convenient, especially during a total lockdown. But shopping online in the middle of the COVID-19 crisis brings with it other dangers. Here’s what to watch out for.
Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server
Criminals set up fraudulent infrastructure that looks like a typical content delivery network—except it isn’t. Behind it hides a credit card skimmer injected into Magento online stores.
Fintech security: the challenges and fails of a new era
The fintech industry has gone through some dramatic changes during the last decade and is still trying to adapt. Is security still one of their priorities?
6 ways hackers are targeting retail businesses
Whether it’s a high-volume shopping season or not, retail businesses are at risk from cybercriminals in a number of ways. Learn how hackers target retailers and shoppers alike.
New evasion techniques found in web skimmers
As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.
Hundreds of counterfeit online shoe stores injected with credit card skimmer
A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.
There’s an app for that: web skimmers found on PaaS Heroku
Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.
