Credit Card | SC Media

Credit Card

Favicons found housing credit card skimming malware

Malicious actors set up an entire online repository of malicious, credit card skimmer-laden favicons to lure in companies looking for a graphic to appear their browser tab. Favicons are a branding graphic, also known as a shortcut icon, website icon, tab icon, URL icon or bookmark icon. And while they are normally benign, a cybergang…

Nintendo confirms 160,000 user accounts hacked

Nintendo has confirmed 160,000 user accounts have been accessed exposing a limited amount of PII and possibly access to Nintendo store accounts. The gaming company reported that starting in early April accounts were accessed through the Nintendo Network ID (NNID), which is primarily used for Switch gaming, Nintendo online store accounts and grants access to…

Defending the database

Eight million EU retail sales records exposed on AWS MongoDB

A database hosed on Amazon Web Services holding eight million retail sales records from the European Union was left exposed compromising customer personal and financial information. The open MongoDB database had no password or other authentication set. It was operated by a third-party vendor who pulled sales data from a range of retailers, including Amazon…

Rutter’s convenience stores suffer POS data breach

The Pennsylvania and West Virginia convenience store chain Rutter’s was subjected to a POS skimming attack for at least seven months affecting card readers inside some stores and at gas pumps. Rutter’s was informed of the problem by a third party and on January 14, 2020 a company investigation confirmed a data breach did take…

Cyberattackers bringing more weapons to bear on real estate deals

Traditionally, when it comes to monetizing a real estate deal its all about location, location, location, but malicious actors are now targeting everyone from the home buyer to the lender to steal vital information. Proofpoint recently looked at 600 real estate transactions came across six attacks targeting those involved that utilized a laundry list of…

Three Magecart operatives arrested in Indonesia

Several members of a group allegedly behind hundreds of Magecart-style attacks were arrested last month in Indonesia as the result of an international law enforcement operation. Interpol’s ASEAN Cyber Capability Desk and the Indonesian National Police just announced late last week the December 20, 2019 arrest of three members of a group allegedly behind a…

PayPal scam goes after account info, payment card data

PayPal customers are being hit with a phishing scam designed to steal their login credentials and other PII through a series of well-crafted emails and fraudulent websites. An incident begins with an email stating that there has been some unusual activity on the person’s PayPal account that requires immediate attention in order to properly secure…

Next post in Data Breach