(Getty Images) For Magecart groups and other credit-card skimmers, old and new opportunities abound The entry points for Magecart and other e-commerce skimmers are changing, but the attackers are getting more clever, too. Mar 21, 2022 By Joe Warminsky
(Getty Images) Double-dipping scammers don’t need malware to grab card numbers and turn a profit, report says A China-based e-commerce scam appears to be harvesting payment information not through direct hacks on companies or using pernicious malware to skim data, but with a simpler… Nov 19, 2020 By Joe Warminsky
Tokopedia claimed to serve 93% of the population of Indonesia. Indonesian e-commerce giant probes reported breach of 91 million credentials The government summoned the board of directors to clarify the current state of the investigation in a meeting Monday. May 4, 2020 By Jeff Stone
(Getty) Automated Magecart spree hit thousands of sites via misconfigured cloud servers, RiskIQ says The crooks are scanning the web for vulnerable Amazon Web Services S3 buckets, according to security vendor RiskIQ. Jul 11, 2019 By Jeff Stone
(Getty Images) Magecart is the most infamous payment skimmer. But it’s hardly the only one. The infamous Magecart is used by just 12 of the 38 JavaScript-sniffer groups analyzed by the security company Group-IB Apr 3, 2019 By Jeff Stone
(Pixabay) Chinese e-commerce giant Gearbest leaks millions of records, researcher finds “Gearbest’s database isn’t just unsecured. It’s also providing potentially malicious agents with a constantly-updated supply of fresh data.” Mar 14, 2019 By Jeff Stone
(James LeVeque)/remixed by Greg Otto) Up to 40 percent of traffic on ticket sites is automated. Here’s why that’s bad for security. Bad bots made up 39.9 percent of ticket-buying traffic between September and December 2018, according to Distil Networks. Feb 28, 2019 By Jeff Stone
Shopify’s office (Flickr) Shopify pays $15,250 bug bounty for a Christmas Eve vulnerability "The bug was filed on Christmas Eve, and within 12 hours the Shopify team rolled out a fix to address the immediate issue." Feb 8, 2018 By Patrick Howell O'Neill