Security News

Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly...

Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of...

Fraudsters can add stolen payment cards to digital wallet apps and continue making online purchases even after victims' report the card stolen and the bank blocks it, computer engineers with University of Massachusetts Amherst and Pennsylvania State University have discovered. Adding the card to a different wallet and making fraudulent purchases is made possible by the trust banks have in the digital wallet apps' security mechanisms.

Japanese police placed fake payment cards in convenience stores to protect the elderly targeted by tech support scams or unpaid money fraud. The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card," and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism.

Multiple npm packages are being used in an ongoing malicious campaign dubbed LofyLife to infect Discord users with malware that steals their payment card information. "All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign 'LofyLife'."

PCI DSS is a global standard that provides a baseline of technical and operational requirements designed to protect account data. This Help Net Security video introduces the most important PCI DSS 4.0 changes.

Thales has announced what it claims is the "World's first" payment card to include an onboard fingerprint sensor, promising improved security and usability - and an end to contactless payment limits. The Thales Gemalto Biometric Sensor Payment card, the company explained, replaces the traditional PIN with an on-card fingerprint sensor and requires no modifications to existing point-of-sale payment terminals.

This new card, which integrates a biometric sensor, provides users with increased security and convenience. The contactless biometric card simplifies proximity payments and also provides an essential level of privacy and confidence.

A so-called "Pen-tester" for the financial cybergang known as FIN7 will spend seven years in the slammer after being convicted for payment-card theft. FIN7 is a well-known threat that's been circulating since at least 2015.

The U.S. Justice Department this week announced indictments against 22 individuals who allegedly purchased and used payment cards stolen from a national retail chain. Using point-of-sale malware installed at multiple retail locations of the target company, threat actors stole information of over three million payment cards, including credit, debit, and gift cards used at over 400 of the company's retail stores.