’Tis the Season to Be Cyber-Wary: How Thales Protects Against Account Takeover During Peak Shopping Season

The holiday shopping season is the busiest time of year for online retailers, and increasingly the most dangerous. As traffic surges and customers rush to place orders, cybercriminals use the distraction and volume to blend in. Account Takeover ATO attacks spike sharply in November and December,...

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider , a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and...

A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now

The Scattered Spider hacking group has caused chaos among retailers, insurers, and airlines in recent months. Researchers warn that its flexible structure poses challenges for defense...

Cyberattacks Hit Top Retailers: Cartier, North Face Among Latest Victims

North Face, Cartier, and Next Step Healthcare are the latest victims in a string of cyberattacks compromising customer…...

Hackers Now Targeting US Retailers After UK Attacks, Google

Hackers from the Scattered Spider group, known for UK retail attacks, are now targeting US retailers, Google cybersecurity…...

It’s All in the Cards: Preventing Payment Abuse for Retailers

Carding attacks have become a serious challenge for retailers. Learn how Akamai Account Protector can help organizations defend against payment abuse...

Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores

Cybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy…...

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Recent months have seen a surge in mailings with lookalike email attachments in the form of a ZIP archive containing JScript scripts. The script files – disguised as requests and bids from potential customers or partners – bear names such as "Запрос цены и предложения от Индивидуального...

Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud

Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the...

Cyber Signals: Inside the growing risk of gift card fraud

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank...

Cybersecurity considerations to have when shopping for holiday gifts

As I wrote about last week, there are holiday shopping-related scams already popping up all over the place. But another aspect of security that many shoppers dont consider this time of year is the security of the products theyre buying, even through a legitimate online marketplace. This is a...

Five Takeaways from Black Friday & Cyber Monday Cyber Attacks

The online retail industry is one of the prime targets for cybercrime, as detailed in our annual analysis of the cybersecurity threats targeting eCommerce websites and applications. As the 2023 holiday shopping season continues, Imperva Threat Research is closely monitoring how cybercriminals are...

Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season

As the holiday season approaches, a palpable sense of joy and anticipation fills the air. Twinkling lights adorn homes, the aroma of freshly baked cookies wafts through the kitchen, and the sound of laughter and carolers melodies resonate on frosty evenings. Its a time when families come together...

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Heres a closer look at the Russia-based SWAT USA Drop Service,...

Cyberattack on UK IT Firm Swan Retail Affects up to 300 Retailers

By Deeba Ahmed Update: The article was updated on August 23rd, 2023, with new information, and the title was corrected from… This is a post from HackRead.com Read the original post: Cyberattack on UK IT Firm Swan Retail Affects up to 300 Retailers...

retailers.stylepatisserie.com Cross Site Scripting vulnerability OBB-3538738

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Google Vertex AI Vision: Revolutionizing E-Commerce?

By Waqas Google Cloud released its newest AI feature for online retailers in 2023. Their shelf-checking AI solution, Vertex AI… This is a post from HackRead.com Read the original post: Google Vertex AI Vision: Revolutionizing E-Commerce?...

Recent Mobile Payment Trends And How They Are Shaping The Future

By Owais Sultan Consumers, retailers, banks, and payment processors form a complicated network in todays payment processing environment. Recently, there has… This is a post from HackRead.com Read the original post: Recent Mobile Payment Trends And How They Are Shaping The Future...

Data breaches leave customers very shaky, report says

Data breaches are one of the most reported cyberattacks against businesses—regardless of size and industry. And while this has highlighted cybersecurity gaps on so many fronts, some companies are still not prioritizing them as they should. Some have scrambled to be compliant but then find...

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud

While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. TL; DR ------ Analysis of...