Web Services Security, E-Commerce Security news, articles & updates| SC Media Web Services Security, E-Commerce Security

Web Services Security, E-Commerce Security

New Magecart skimmers practice steganography, data transfer via WebSocket

A researcher has discovered a pair of new Magecart-style web skimmers, each one featuring an evasion technique that’s not typically employed by this breed of malware: steganography and the transfer a data via the WebSocket protocol. The researcher, who uses the handle @AffableKraut, posted his two findings on Twitter last month, prompting the team from…

Magecart skimmer group guns for Smith & Wesson’s Black Friday sales

The e-commerce website of weapons manufacturer Smith & Wesson has been targeted by a Magecart payment card-skimming group that’s been using lookalike domain names to impersonate payment anti-fraud company Sanguine Security. The Smith & Wesson website was compromised with a JavaScript-based skimmer last Wednesday, Nov. 27 – in time to steal card information for any…

Skimming operation creates fake 3rd-party payment processing page to phish victims

Cybercriminals have devised a card-skimming scheme that involves creating a phishing page that impersonates a retailer’s third-party payment service platform (PSP). Certain e-commerce websites outsource their financial transactions by redirecting customers to a secure page operated by PSP companies. But in this scam, discovered by researchers at Malwarebytes, the malicious actors swap out the genuine…

DDoS attack sidelines AWS DNS web service for hours

Amazon Web Services’ Router 53 domain name system (DNS) service was waylaid by a prolonged distributed denial of service attack earlier this week, affecting a number of online sites and services that rely on AWS. According to multiple reports, a flood of fake traffic disrupted legitimate attempts to resolve DNS requests to connect to Amazon…

Magecart attack on e-commerce service impacts Sesame Street store and many more

Magecart hackers found out how to get to Sesame Street’s online store – and in all likelihood thousands more merchants – by initially compromising e-commerce and shopping cart service provider Volusion to deliver the credit card-skimming code. Israel-based security researcher Marcel Afrahim, who for his day job works as a research developer at Check Point…

VBulletin

Reports: Actively exploited zero-day found in vBulletin forum software

The vBulletin internet forum software package reportedly contains a critical zero-day remote code execution vulnerability that attackers have been actively exploiting, possibly as far back as three years ago. Multiple news organizations are reporting that a researcher studying the well-known forum software published a pre-auth RCE exploit for the bug on vBulletin’s Full Disclosure security mailing…

Eight cities’ payment records impacted in Click2Gov portal breach

For the second time since 2017, the third-party government bill-payment portal Click2Gov has experienced a significant data breach affecting thousands of individuals in multiple cities across the U.S. Government entities use the Click2Gov portal to accept payments for permits, licenses, fines and utilities. Discovered by fraud intelligence experts at Gemini Advisory, this latest attack compromised…

hotel

Hotel websites infected with skimmer via supply chain attack

A Magecart card-skimming campaign this month sabotaged the mobile websites of two hotel chains by executing a supply chain attack on a third-party partner, researchers have reported. The third party in both instances was Roomleader, a Barcelona-based provider of digital marketing and web development services. One of the ways Roomleader helps hospitality companies build out…

Miscreants infected a poker player's laptop malware that monitored his every online gambling move.

New way to lose at poker? Card game domains infected with Magecart skimmer

Cybercriminals are upping the ante when it comes to compromising websites with Magecart payment card skimmers, as evidence by the recent discovery of two infected web domains used by poker enthusiasts. A Malwarebytes blog post this week identified the two affected web pages as pokertracker.com and its subdomain pt4pokertracker.com. Both are related to a software…

Data dump suggests that Evite data breach affected 100M accounts

A new addition to the data breach reference website “Have I Been Pwned?” seemingly reveals that more than 100 million accounts were compromised in this year’s data breach of the event-planning service Evite. “Have I Been Pwned?” founder Troy Hunt added a database of 100,985,047 affected accounts to his site on July 14, and in…

Next post in Data Breach