Security News
Victims of the Easyjet hack are now being told their entire travel itineraries were accessed by hackers who helped themselves to nine million people's personal details stored by the budget airline. Easyjet kept quiet about the hack until mid-May, though around 2,200 people whose credit card details were stolen during the cyber-raid were told of this in early April, months after the attack.
Budget British airline Easyjet has been hacked, it has told the stock markets, admitting nine million people's details were accessed and more than 2,000 customers' credit card details stolen. Easyjet insists that the passport and credit card details of nearly all of those people were not affected.
Budget British airline Easyjet has been hacked, it has told the stock markets, admitting nine million people's details were accessed and more than 2,000 customers' credit card details stolen. Easyjet insists that the passport and credit card details of nearly all of those people were not affected.
Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that "Turn" malicious when victims visit a checkout page. Favicons is a file containing one or more small icons associated with a website and are usually displayed in the browser's address bar, on the tab in which a website has been opened, and in the bookmarks.
A website seemingly offering images and icons for download is actually a cover-up for a credit card skimming operation, says Malwarebytes. A new malware campaign analyzed by cybersecurity firm Malwarebytes employs a particularly deceptive strategy to empower credit card skimming attacks.
A piece of Android ransomware uses a scareware tactic to extort money from victims: it asks them to provide their credit card information to pay a "Fine," Check Point reveals. Dubbed Black Rose Lucy, or simply Lucy, the malicious program was initially discovered in 2018 as a Malware-as-a-Service botnet and dropper for Android devices.
British hardware chain Robert Dyas' website has been hit by credit-card stealing malware that siphoned off customers' payment details including the long card number, expiry date and security code. Between 7 and 30 March a card skimmer was present on Robert Dyas' payment processing page, the chain admitted in an email sent to affected customers that was seen by The Register.
People who made purchases from the official Tupperware website over the past couple of weeks may have had their payment card information stolen, cybersecurity firm Malwarebytes warned on Wednesday. The credit card skimmer was planted on the main website and some of its localized versions, Malwarebytes said.
Infosec firm Malwarebytes, which made the discovery, has gone public with its findings today after alleging Tupperware ignored attempts to alert it and to get the malware removed from its payment processing pages. "On March 20, Malwarebytes identified a targeted cyberattack against household brand Tupperware and its associated websites that is still active today. We attempted to alert Tupperware immediately after our discovery, but none of our calls or emails were answered," said Malwarebyes in a statement.
Online guitar tutoring website TrueFire has apparently suffered a 'Magecart' style data breach incident that may have potentially led to the exposure of its customers' personal information and payment card information. TrueFire is one of the popular guitar tutoring websites with over 1 million users, where wanna-be-guitarists pay online to access a massive library of over 900 courses and 40,000 video lessons.