Web Services Security, E-Commerce Security news, articles & updates| SC Media

Web Services Security, E-Commerce Security

Open redirect on Dept. of HHS website benefits COVID-19 phishing scam

A coronavirus-themed phishing campaign designed to infect victims with Raccoon information-stealing malware has reportedly been leveraging an open redirect vulnerability found on the U.S. Department of Health and Human Services’ website, HHS.gov. As defined by Trustwave here, an open redirect occurs when a website’s “parameter values (the portion of URL after “?”) in an HTTP…

MS13-061 was scrapped after Microsoft became aware that installing it causes problems.

Report: Account takeover and data scraping attacks on e-retailers up as COVID-19 surges

Masses of global citizens have been retreating to their homes and relying on online services to stock up their domiciles during the coronavirus pandemic, and it could be having an influence on cyberattacks against websites. Researchers at application protection company PerimeterX have reported a two-month increase in account takeover attacks against online home goods retailers,…

Report: NutriBullet’s website injected with skimmer three times by Magecart Group 8

Since February, a prominent Magecart cybercriminal group has injected the same Java-based payment card skimmer program not one, not two, but three times into the compromised international website of blender manufacturer NutriBullet, researchers from RiskIQ have reported. Each time a skimmer was removed from nutribullet.com, the criminal actors, known as Magecart Group 8, would reintroduce…

COVID-19 decoy doc, Cloudflare service used to spread ‘BlackWater’ malware

Researchers have uncovered a new malware campaign that uses the COVID-19 pandemic as a lure, and also abuses platform-as-a-service web infrastructure tools to apparently thwart attempts at blocking command-and-control communications. Dubbed BlackWater, the backdoor malware specifically takes advantage of Cloudflare Workers — an offering of Cloudflare, a popular provider of website operators with content delivery…

Don’t install that security certificate; it’s a malware scam

Cybercriminals have been compromising websites to display a fake security certificate error message in hopes of tricking visitors into downloading the Mokes backdoor or the Buerak downloader. Researchers from Kaspersky who discovered the scam said in a blog post that the ruse is a new twist on the old technique of hacking a website so…

Botnet2

Report: Extortionists threaten websites with AdSense ban caused by bot traffic

A new email-based extortion campaign is reportedly threatening to flood websites with bot-generated fake traffic so that Google’s anti-fraud mechanisms block their AdSense advertising service accounts. According to security researcher Brian Krebs, the extortionists are telling email recipients that they will soon see a message from Google warning them that the number of ads they…

New Magecart skimmers practice steganography, data transfer via WebSocket

A researcher has discovered a pair of new Magecart-style web skimmers, each one featuring an evasion technique that’s not typically employed by this breed of malware: steganography and the transfer a data via the WebSocket protocol. The researcher, who uses the handle @AffableKraut, posted his two findings on Twitter last month, prompting the team from…

Magecart skimmer group guns for Smith & Wesson’s Black Friday sales

The e-commerce website of weapons manufacturer Smith & Wesson has been targeted by a Magecart payment card-skimming group that’s been using lookalike domain names to impersonate payment anti-fraud company Sanguine Security. The Smith & Wesson website was compromised with a JavaScript-based skimmer last Wednesday, Nov. 27 – in time to steal card information for any…

Skimming operation creates fake 3rd-party payment processing page to phish victims

Cybercriminals have devised a card-skimming scheme that involves creating a phishing page that impersonates a retailer’s third-party payment service platform (PSP). Certain e-commerce websites outsource their financial transactions by redirecting customers to a secure page operated by PSP companies. But in this scam, discovered by researchers at Malwarebytes, the malicious actors swap out the genuine…

DDoS attack sidelines AWS DNS web service for hours

Amazon Web Services’ Router 53 domain name system (DNS) service was waylaid by a prolonged distributed denial of service attack earlier this week, affecting a number of online sites and services that rely on AWS. According to multiple reports, a flood of fake traffic disrupted legitimate attempts to resolve DNS requests to connect to Amazon…

Next post in Web Services Security, E-Commerce Security