E-commerce - Security Intelligence

Woman shopping online could be at risk of a recent Magento flaw

news

Magento Flaw Lets Cybercriminals Access E-Commerce Sites Without Authentication

Security researchers discovered a Magento flaw that could enable cybercriminals to penetrate and control features within the popular e-commerce site without authentication.

April 3, 2019 | By Shane Schick

news

Man making an online purchase on laptop infected with Golang brute-forcer

news

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Researchers discovered new Trojan malware written in Golang that's targeting e-commerce websites with brute-force attacks.

February 27, 2019 | By David Bisson

news

Man entering credit card information on a laptop: IcedID

article

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.

February 6, 2019 | By Itzik Chimino

article

Woman shopping online with her credit card: JavaScript attack

news

Magecart Group’s Use of Credit Card-Skimming JavaScript Attack on the Rise

An online retailer was hit by a JavaScript attack from a group associated with Magecart, a collective of cybercriminals that specializes in skimming credit card numbers from compromised websites.

December 14, 2018 | By Shane Schick

news

A woman using a digital tablet: ad malware

article

‘Tis the Season for Spreading Ad Malware

Ad malware ramps up with the surge in online shopping activity during the holiday season. Taking a few precautionary steps can help consumers and security teams protect their devices and networks.

December 3, 2018 | By Kacy Zurkus

article

A woman using a smartphone to make an online purchase: security hygiene

article

Retail Security Hygiene: The Case for Seasonal Checkups

Retail companies should conduct security hygiene checkups as early as possible this holiday season to identify key threats across e-commerce systems, seasonal staffing policies and employee behaviors.

November 27, 2018 | By Douglas Bonderud

article

Illustration of a person purchasing items online during Cyber Monday 2018.

article

Cyber Monday 2018: 5 Best Practices to Protect Consumer Data

Cyber Monday 2018 is just around the corner, and customers and malicious actors alike are gearing up. Is your retail security ready to tackle e-commerce fraud and improve consumer data protection?

November 21, 2018 | By Douglas Bonderud

article

A person adding an item to an online shopping cart on a digital tablet.

news

New Cybercrime Statistics: 1 Billion Bots Involved in 210 Million Fraud Attempts in Q1

According to the latest cybercrime statistics, more than 210 million attempted fraud attacks occurred during the first quarter of this year, representing a 62 percent increase from 2017. In its “Q1 2018 Cybercrime Report,” ThreatMetrix...

May 7, 2018 | By Shane Schick

news

A credit card with an EMV chip sticking out of a wallet.

news

Cybercriminals Use Old-School Tactics to Exploit Credit Card Chip Security

Credit card chip security has improved, but that hasn't stopped cybercriminals from using old-school methods such as mail interception to leverage chip-and-PIN technology for their own gain.

April 11, 2018 | By Douglas Bonderud

news

A man dressed as Santa Claus pointing at a computer screen.

article

Checking It Twice: The Impact of the Time It Takes to Make Decisions About E-Commerce Fraud

During the busy holiday shopping season, retailers must make decisions about e-commerce fraud rapidly to keep pace with demanding delivery schedules.

December 13, 2017 | By Derek Brink

article

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: E-commerce

Magento Flaw Lets Cybercriminals Access E-Commerce Sites Without Authentication

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

Magecart Group’s Use of Credit Card-Skimming JavaScript Attack on the Rise

‘Tis the Season for Spreading Ad Malware

Retail Security Hygiene: The Case for Seasonal Checkups

Cyber Monday 2018: 5 Best Practices to Protect Consumer Data

New Cybercrime Statistics: 1 Billion Bots Involved in 210 Million Fraud Attempts in Q1

Cybercriminals Use Old-School Tactics to Exploit Credit Card Chip Security

Checking It Twice: The Impact of the Time It Takes to Make Decisions About E-Commerce Fraud