Security News

Criminal IP Elevates Payment Security with PCI DSS Level 1 Certification
2023-09-14 14:02

AI Spera is pleased to announce its attainment of the highest global compliance certification level, PCI DSS Level 1 for Criminal IP, its in-house developed and serviced Cyber Threat Intelligence search engine. The Payment Card Industry Data Security Standard is a global information security standard designed to safeguard card payment information and transactions.

Latest fraud schemes targeting the payments ecosystem
2023-09-13 03:30

Threat actors continued to exploit technical misconfigurations through various fraud schemes, according to a new report from Visa. While the global fraud rate trended lower than normal expected fraud levels during the report's time period, Visa shared that it helped to proactively block $30 billion in those time periods.

Health, payment info for 1.2M people feared stolen from Purfoods in IT attack
2023-08-28 21:45

Purfoods has notified more than 1.2 million people that their personal and medical data - including payment card and bank account numbers, security codes, and some protected health information - may have been stolen from its servers during what sounds like a ransomware infection earlier this year. According to documents filed with the Maine Attorney General's office and a notification letter mailed to 1,237,681 individuals, criminals broke into Purfoods' network in January 16, encrypted some files containing customer information, and may have stolen others.

Navigating the gray zone of ransomware payment practices
2023-08-07 03:30

Ransomware remains a lucrative tool for cybercriminals as attackers continue to target a wide array of businesses. In response to this growing threat, an increasing number of organizations are compelled to meet ransom demands, perceiving it as their only viable course of action.

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites
2023-07-18 05:56

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. "Large-scale attacks against the vulnerability, assigned CVE-2023-28121, began on Thursday, July 14, 2023 and continued over the weekend, peaking at 1.3 million attacks against 157,000 sites on Saturday, July 16, 2023," Wordfence security researcher Ram Gall said in a Monday post.

Hackers exploiting critical WordPress WooCommerce Payments bug
2023-07-17 21:08

Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation. WooCommerce Payments is a very popular WordPress plugin allowing websites to accept credit and debit cards as payment in WooCommerce stores.

Ransomware payments on record-breaking trajectory for 2023
2023-07-12 13:00

Data from the first half of the year indicates that ransomware activity is on track to break previous records, seeing a rise in the number of payments, both big and small. "In fact, ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June.".

Flaw in Revolut payment systems exploited to steal $20 million
2023-07-10 14:00

Organized criminal groups exploited a flaw in Revolut's payment systems and made off with $20+ million of the company's money, the Financial Times reported on Sunday, citing people with knowledge of the situation. Revolut is a privately held financial technology company that offers a variety of services to over 30 million customers around the globe.

Revolut Faces $20 Million Loss as Attackers Exploit Payment System Weakness
2023-07-10 05:20

Malicious actors exploited an unknown flaw in Revolut's payment systems to steal more than $20 million of the company's funds in early 2022. The development was reported by the Financial Times, citing multiple unnamed sources with knowledge of the incident.

WordPress Stripe payment plugin bug leaks customer order details
2023-06-13 16:02

The WooCommerce Stripe Gateway plugin for WordPress was found to be vulnerable to a bug that allows any unauthenticated user to view order details placed through the plugin. WooCommerce Stripe Payment is a payment gateway for WordPress e-commerce sites, which currently has 900,000 active installations.