• img July 12, 2017

New Point-of-Sale Malware LockPoS Hitches Ride with FlokiBot

Botnets distributing FlokiBot point-of-sale malware have awoken from months of slumber and are back in business spewing a new malware dubbed LockPoS. Researchers say the malware is still flying under the radar of many antivirus and intrusion detection systems because it’s so new. Currently, LockPoS is believed to be targeting Brazilian-based companies, according to Arbor […]

Read More
  • img July 12, 2017

How Magecart attackers monetize stolen payment card info

The Magecart campaign, aimed at compromising online shops with malicious JavaScript code to collects payment card info, is still going strong, and researchers have pinpointed another way threat actors behind it monetize the stolen information. First spotted in October 2016 by RiskIQ and ClearSky researchers, Magecart mainly hits e-commerce sites running outdated and unpatched versions […]

Read More
  • img July 12, 2017

The future of payments: sensor fingerprinting, facial recognition, retinal scanning and voice control

Viewpost surveyed a cross-section of 1,000 U.S.-based consumers, finding that overall, 80 percent of Americans are in support of payments technologies and currencies, including tools like sensor fingerprinting, facial recognition, retinal scanning and voice control, as well as currencies like bitcoin. Electronic payments have become commonplace today, with nearly 51 percent of people reporting that […]

Read More
  • img July 12, 2017

Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution

Uber has addressed a vulnerability that allowed attackers to steal session tokens and hijack accounts. Researcher Arne Swinnen disclosed details Monday after confirming late last week that the issue had been resolved; he earned $5,000 in bounties from Uber. Swinnen said that if exploited at a large scale, an attacker could steal victim data hosted […]

Read More
  • img July 12, 2017

SAP Patches High-Risk Flaws in SAP POS, Host Agent

SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws that could allow an attacker to gain access to SAP POS, the company’s client/server point-of-sale (PoS) solution. The issues in SAP POS, a series of missing authorization checks, could let an attacker access a service without authorization, according […]

Read More