Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

15K
active users

mstdn.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#MageCart

1 post1 participant0 posts today
Public
Pyrzout :vm:

Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration – Source: securityboulevard.com ciso2ciso.com/client-side-secu #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #eskimming #Resources #Magecart #Blog #csp #SRI

client-side-security-breach-alert:-blue-shield-of-california-exposes-47-million-members’-health-data-through-web-analytics-configuration-–-source:-securityboulevard.com
CISO2CISO.COM & CYBER SECURITY GROUP · Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration – Source: securityboulevard.comSource: securityboulevard.com - Author: Scott Fiesel by Source Defense A recent incident at Blue Shield of California highlights the critical importance
Public
Guardians Of Cyber

🚨 Did you know that cybercriminals are casually chatting within compromised code to split profits? 😳 The "Mongolian Skimmer" campaign reveals just that, using JavaScript obfuscation and anti-debugging tactics to evade detection.

🔒 Cybersecurity Tip: Stay ahead of threats by regularly auditing your JavaScript for obfuscated code and setting strong Content Security Policies (CSPs) to prevent unauthorized scripts from running.

🛡️ How confident are you in the security of your client-side scripts? Have you seen anything suspicious lately? Let’s discuss!

📖 Dive deeper into the story and learn how to protect yourself: guardiansofcyber.com/threats-v

#Cybersecurity#GuardiansOfCyber#Guardians
Public *
Kevin Karhan :verified:

@nieldk @jerry TBH, I'm not that concerned about this re: @internetarchive ...

  • I just think that attacking the #InternetArchive is an asshole move that is unjustifyable at best and a waste of resources at worst.

Like aside from some hashed passwords there is nothing for the taking! This ain't like some #MageCart-style #malware where they siphon off payment details.

  • "EVERYONE HATES THAT" is the reaction re: #InternetArchiveHack because there's neither #profit nor #fame in it, so mostl likely a case of "weapons-grade boredom"...
#internetarchivehack#profit#fame
Public
Pyrzout :vm:

Magecart Adds Middle East Retailers to Long List of Victims – Source: www.darkreading.com ciso2ciso.com/magecart-adds-mi #rssfeedpostgeneratorecho #DarkReadingSecurity #CyberSecurityNews #DARKReading #Magecart #Middle

CISO2CISO.COM & CYBER SECURITY GROUP · Magecart Adds Middle East Retailers to Long List of Victims - Source: www.darkreading.comSource: www.darkreading.com – Author: Robert Lemos, Contributing Writer Source: Metamorworks via Shutterstock Retailers in the Middle East and Africa account for a greater number of victims of Web-skimming attacks, but with a small fraction of the total number of consumer victims. In the latest discovery of such an attack, an independent researcher claims to have […]
Public
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:

"⚠️ ATMZOW's Sophisticated Skimming: 40 New Domains Uncovered ⚠️"

Sucuri's Denis Sinegubko (@unmaskparasites on Twitter) has found 40 new domains linked to the ATMZOW skimmer group. They're known for infecting Magento sites since 2015. These new domains use Google Tag Manager to hide their malicious activity, making it hard to detect and prolonging their attack. ATMZOW keeps coming up with new ways to steal credit card info, showing how cyber threats keep evolving. This reminds us to keep an eye on unfamiliar website scripts.

A recent report revealed that ATMZOW compromised 40 new Google Tag Manager domains, affecting thousands of sites. They target Google Tag Manager because it's widely used and can insert code. The breach involves complex code in the GTM-TVKQ79ZS container, making it tough to decipher. The attackers also use a naming strategy for their domains to avoid detection. They've created new containers like GTM-NTV2JTB4 and GTM-MX7L8F2M with the same bad code, reinfecting compromised websites. Stay informed and stay safe! 💻🔍🛡️

Source: Sucuri Blog

Tags: #ATMZOW #Magecart #CyberSecurity #Malware #EcommerceSecurity #ObfuscationTechniques #GoogleTagManager #InfosecCommunity

Sucuri Blog · 40 New Domains of Magecart Veteran ATMZOW Found in Google Tag ManagerAn in-depth analysis of how Magecart Group ATMZOW exploits Google Tag Manager to spread ecommerce malware. Learn about their latest tactics, evolution, obfuscation techniques, and steps to protect sites against Magecart and ecommerce infections.
Public
Benjamin Carr, Ph.D. 👨🏻‍💻🧬

A new #Magecart card #skimming campaign hijacks the #404 error pages of online retailer's websites, hiding malicious code to steal customers' #creditcard information.
#Akamai says the campaign focuses on #Magento and #WooCommerce sites, with some victims linked to renowned organizations in the food and #retail sectors.
bleepingcomputer.com/news/secu

Public
Mika Rautio

"BlackBerry has discovered a new campaign we’ve dubbed “Silent Skimmer,” involving a financially motivated threat actor targeting vulnerable online payment businesses in the APAC and NALA regions. The attacker compromises web servers, using vulnerabilities to gain initial access. The final payload deploys payment scraping mechanisms on compromised websites to extract sensitive financial data from users."

blogs.blackberry.com/en/2023/0

BlackBerrySilent Skimmer: Online Payment Scraping Campaign Shifts Targets From APAC to NALABy The BlackBerry Research & Intelligence Team
#skimming#magecart
ExploreLive feeds
About