Retail News, Articles and Updates

Russian web hub Deer.io offering stolen goods and exploit services, report

Russian web hub Deer.io offering stolen goods and exploit services, report

By

A robust underground marketplace for the sale of stolen products from compromised accounts as well as shady online services has been detected in Russia.

Cicis Pizza delivers the bad news, confirms breach at 138 locations

Cicis Pizza delivers the bad news, confirms breach at 138 locations

By

Cicis Pizza has officially acknowledged a payment card data breach in 138 of its restaurant locations, after reports of a point-of-sale malware attack first came to light last month.

Hackers compromising checkout process on retail sites, redirecting shoppers to phishing page

Hackers compromising checkout process on retail sites, redirecting shoppers to phishing page

By

Researchers at Sucuri has uncovered a sampling of novel e-commerce attacks that combine the classic duplicity of phishing schemes with the insidiousness of malicious webpage redirects.

Malware on Omni Hotel POS systems scarfed payment card info

Malware on Omni Hotel POS systems scarfed payment card info

By

Omni Hotels & Resorts said guests had to physically present payment cards at one of its affected POS systems to be affected by malware stealing payment card information during a six-month period.

Wendy's revises data breach figures; over 1K locations compromised by POS malware

Wendy's revises data breach figures; over 1K locations compromised by POS malware

By

Wendy's yesterday identified over 1,000 U.S. franchised locations that were affected by two variants of point-of-sale malware discovered earlier this year.

Spike in cyberattacks expected to exploit upcoming Olympics, report

Spike in cyberattacks expected to exploit upcoming Olympics, report

By

An Israel-based security firm has issued a warning to fans of the upcoming Olympics to be wary of phony offers.

Clinton pledges tech evolution

Clinton pledges tech evolution

By

Democratic presidential hopeful Hillary Clinton called for administrative reform to help bring the U.S. copyright system into the digital age.

Air India frequent flier miles hacked

Air India frequent flier miles hacked

By

Unidentified individuals hacked into the loyalty program of at least 20 accounts at Air India to steal nearly $24,000 worth of frequent flier miles.

Twitter, HealthCare.gov top annual list of most trustworthy websites

Twitter, HealthCare.gov top annual list of most trustworthy websites

By

At one time ridiculed over lax cybersecurity, the federal health insurance exchange site HealthCare.gov scored second-highest out of approximately 1,000 websites in the Online Trust Alliance's eighth annual Trust Audit and Honor Roll.

Wendy's POS breach 'considerably' bigger than first thought

Wendy's POS breach 'considerably' bigger than first thought

By

Even more fast-food patrons may have a beef with The Wendy's Company, after the restaurant chain announced yesterday that the number of restaurants affected by a POS data breach may be "considerably higher" than first thought.

Consumers taking their business elsewhere after a hack, Centrify survey

Consumers taking their business elsewhere after a hack, Centrify survey

By

A new study examines consumer attitudes toward corporate hacking and companies should take heed.

Finish Line leverages IT auditing service to secure increase in cyber budget

Finish Line leverages IT auditing service to secure increase in cyber budget

By

In the perennial corporate tug-of-war over budget, Finish Line's director of security and compliance Cory Deeter recently relied on an independent security assessment service to influence upper-level executives to increase funding for cybersecurity initiatives.

FastPOS malware instantly delivers stolen credit card data

FastPOS malware instantly delivers stolen credit card data

By

Cybercriminals must be feeling the need for speed by brewing up a new point-of-sale (POS) malware family called FastPOS that is much faster at snatching and disseminating stolen credit card information.

New Locky ransomware campaign sets sights on Amazon customers

New Locky ransomware campaign sets sights on Amazon customers

By

Amazon customers are the target of a wide-ranging phishing email scam intended to fool recipients into opening up a malicious attachment that results in the downloading of Locky ransomware.

Flaws on Visa's HTTPS-protected sites allow hackers to insert JavaScript code

Flaws on Visa's HTTPS-protected sites allow hackers to insert JavaScript code

By

Vulnerabilities allow attackers to use an exploit known as the "forbidden attack," affecting dozens of Visa Inc.'s HTTPS-protected websites.

APWG report: Phishing surges by 250 percent in Q1 2016

APWG report: Phishing surges by 250 percent in Q1 2016

By

The Anti-Phishing Working Group observed more phishing attacks in the first quarter of 2016 than in any other three-month span since it began tracking data in 2004, according to the anti-cybercrime coalition.

Magento flaw allowed hackers to execute code using APIs

Magento flaw allowed hackers to execute code using APIs

By

Magento released a patch for a critical vulnerability that allowed unauthenticated users to execute PHP code remotely on the server using APIs.

NTIA study: Security threats deter online activities like making purchases and banking

NTIA study: Security threats deter online activities like making purchases and banking

By

A new government survey shows that U.S. households are growing averse to even the most routine online transactions, due to cyberattacks imperiling users' finances, identities and privacy.

DHS issues alert over old SAP vulnerability after 36 organizations infiltrated

DHS issues alert over old SAP vulnerability after 36 organizations infiltrated

By

The DHS yesterday issued its first-ever US-CERT security alert pertaining to the active exploit of an SAP application, after a security vendor determined 36 organizations were infiltrated via an SAP vulnerability that was disclosed over five years ago.

300 Wendy's restaurants affected by POS malware attack earlier this year

300 Wendy's restaurants affected by POS malware attack earlier this year

By

An investigation into a point-of-sale malware attack discovered earlier this year found 300 of the chain's 5,500 locations were impacted.

Kroger warns past, present employees of possible compromise after Equifax W-2Express breach

By

Kroger alerted current and former employees this week that their data - including Social Security numbers and birth dates - may have been compromised as a result of a breach at Equifax's W-2Express website.

First Choice Credit Union files class-action suit against Wendy's over breach

First Choice Credit Union files class-action suit against Wendy's over breach

By

Claiming that Wendy's didn't properly protect data, First Choice Credit Union filed a class action lawsuit against the retailer over a breach experienced last year.

PCI DSS version 3.2 release extends multifactor authentication requirement

PCI DSS version 3.2 release extends multifactor authentication requirement

By

The PCI Data Security Standard version 3.2 released Thursday not only includes new requirements to safeguard payment data, including multifactor authentication.

Online scammers entice wannabe mystery shoppers to disclose personal data

Online scammers entice wannabe mystery shoppers to disclose personal data

By

Beware of fake mystery shopper scams, a new McAfee Labs consumer alert warned.

'Multigrain' variant of POS malware crops up; uses DNS tunneling to steal data

'Multigrain' variant of POS malware crops up; uses DNS tunneling to steal data

By

A variant of the POS malware family known as NewPosThings, called Multigrain, has introduced a twist into its repertoire—exfiltrating stolen payment card data from POS systems via the Domain Name System (DNS).

DōTERRA breach exposes customer info; including SS, DOB, and addresses

DōTERRA breach exposes customer info; including SS, DOB, and addresses

By

DōTERRA International notified the State of California's Attorney General's office that personal information of its customers and wholesale members, or "Wellness Advocates," was breached.

Stolen laptop puts data of CVS customers in Alabama at risk

Stolen laptop puts data of CVS customers in Alabama at risk

By

The personal information of an undisclosed number of CVS customers in Calera, Ala., is at risk after a laptop was stolen from one of its vendors.

Research: Over 6,000 data breaches in key industry sectors since 2005

Research: Over 6,000 data breaches in key industry sectors since 2005

By

The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.

Worldpay merchant portal allowed merchants to view customer card data

Worldpay merchant portal allowed merchants to view customer card data

Worldpay's electronic payment gateway setup pages offer poor security seals on credit card details, according to a security researcher.

UPDATE: Nest disables smart home device, triggers IoT security concerns

UPDATE: Nest disables smart home device, triggers IoT security concerns

By

Nest will disable its smart home product Revolv on May 15th. Revolv founders Tim Enwall and Mike Soucie will re-focus on building Works with Nest.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US