Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
In the latest incident, an attack targeted about 200 online campus stores in the U.S. and Canada, Trend Micro reports. But this attack apparently was waged by a new group.
Russian national Anton Bogdanov has been charged with stealing more than $1.5 million from the Internal Revenue Service via a tax return fraud scheme. He was arrested last November while on vacation in Thailand, at U.S. request, and subsequently extradited.
The advent of faster payments has helped accelerate authorized push payment fraud schemes in which victims are defrauded under false pretenses. Banking regulators are responding to the trend, and Rob Tharle of NICE Actimize offers advice for multilayered defense.
FIN6, a cybercrime group that has focused on attacking point-of-sale devices to steal credit card numbers, now also is waging ransomware attacks that target businesses with either LockerGoga or Ryuk, according to a new analysis from security firm FireEye.
Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
If you run a Magento-powered e-commerce site, it's time to patch again. E-commerce sites continued to be targeted by cybercriminals seeking to steal payment card data, and experts recommend moving quickly to plug the most critical flaw, a SQL injection vulnerability.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
Some 96 percent of all compromised payment cards have been issued by U.S. banks, reflecting not only the prevalence of credit cards held by Americans, but the relative ease with which they can be used for fraud, says Liv Rowley, a threat intelligence analyst at Blueliv.