Security News

Apple Pay with Visa Hacked to Make Payments via Locked iPhones
2021-09-30 15:26

An attacker who steals a locked iPhone can use a stored Visa card to make contactless payments worth up to thousands of dollars without unlocking the phone, researchers are warning. The problem is due to unpatched vulnerabilities in both the Apple Pay and Visa systems, according to an academic team from the Universities of Birmingham and Surrey, backed by the U.K.'s National Cyber Security Centre.

Apple Pay with Visa Hacked to Make Payments via Unlocked iPhones
2021-09-30 15:26

An attacker who steals a locked iPhone can use a stored Visa card to make contactless payments worth up to thousands of dollars without unlocking the phone, researchers are warning. The problem is due to unpatched vulnerabilities in both the Apple Pay and Visa systems, according to an academic team from the Universities of Birmingham and Surrey, backed by the U.K.'s National Cyber Security Centre.

Apple Pay with VISA lets hackers force payments on locked iPhones
2021-09-30 00:37

Academic researchers have found a way to make fraudulent payments using Apple Pay from a locked iPhone with a Visa card in the digital wallet with express mode enabled. Apple Pay solved the problem with Express Transit, a feature that allows a transaction to go through without unlocking the device.

Entrust achieves Visa Ready certification for Instant Financial Card Issuance solutions
2021-06-25 23:30

Entrust announced that it has become a Visa Ready certified partner, offering their portfolio of Instant Financial Card Issuance solutions and expert guidance to help financial institutions create a smart, secure and convenient issuance experience for their cardholders across their branch network. As a Visa Ready certified partner, Entrust has flexible, secure and inspirational single-source instant issuance solutions that are trusted throughout the global payments ecosystem.

Visa invests in LoginID to accelerate FIDO-certified biometric authentication
2021-06-01 22:30

LoginID announced additional investment from Visa on the heels of its $6M seed round from veteran payment and fintech entrepreneurs. Visa recognizes that strong authentication solutions from companies like LoginID help promote its vision to improve integrity around payments - both reducing fraud and helping merchants meet global regulatory and compliance demands.

VISA: Hackers increasingly using web shells to steal credit cards
2021-04-07 21:18

Global payments processor VISA warns that threat actors are increasingly deploying web shells on compromised servers to exfiltrate credit card information stolen from online store customers. Throughout the last year, VISA has seen a growing trend of web shells being used to inject JavaScript-based scripts known as credit card skimmers into hacked online stores in web skimming attacks.

After oil giant Shell hit by Clop ransomware gang, workers' visas dumped online as part of extortion attempt
2021-03-29 23:46

Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."

After oil giant Shell hit by Clop ransomware, workers' visas dumped online as part of extortion attempt
2021-03-29 23:46

Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."

After Oil giant Shell hit by Clop ransomware, workers' visas dumped online as part of extortion attempt
2021-03-29 23:46

Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."

New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card
2021-02-20 08:01

Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card. The research, published by a group of academics from ETH Zurich, builds on a study detailed last September that delved into a PIN bypass attack, permitting bad actors to leverage a victim's stolen or lost Visa EMV-enabled credit card for making high-value purchases without knowledge of the card's PIN, and even fool the terminal into accepting unauthentic offline card transactions.