Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
If you run a Magento-powered e-commerce site, it's time to patch again. E-commerce sites continued to be targeted by cybercriminals seeking to steal payment card data, and experts recommend moving quickly to plug the most critical flaw, a SQL injection vulnerability.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
Some 96 percent of all compromised payment cards have been issued by U.S. banks, reflecting not only the prevalence of credit cards held by Americans, but the relative ease with which they can be used for fraud, says Liv Rowley, a threat intelligence analyst at Blueliv.
The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant, Norsk Hydro. Plus, confessions of a former LulzSec and Anonymous hacktivist, and the growing problem of cyber extortion.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
Facebook is edging closer to launching its own cryptocurrency, with a rollout expected this year, The New York Times reports. But some critics argue that the project seems more like a trendy and unnecessary redressing of a PayPal-like system with a blockchain.
The notorious carder site Joker's Stash is featuring a fresh batch of Pakistani banks' payment card data with an estimated street value of $3.5 million. Nearly all of the 70,000 bank cards are advertised as being from Meezan Bank, the country's largest Islamic bank, Group-IB reports.
A famed British computer security researcher has lost several key motions in a federal hacking case that stems from his alleged contribution to two types of banking malware. The rulings could complicate the challenges for the defense team of Marcus Hutchins, who remains in the U.S.