Software Vulnerabilities January 17, 2023

Self-Checkout This Discord C2

5 min read - This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by…

Data Protection March 15, 2021

Retail Cybersecurity: How to Protect Your Customer Data

4 min read - In the early days of the pandemic, many retailers quickly launched e-commerce stores for the first time. Others expanded their offerings, such as adding online ordering with curbside pick-up. Within only a few months, the pandemic accelerated the shift to e-commerce…

Retail March 4, 2021

The Shift to E-Commerce: How Retail Cybersecurity is Changing

3 min read - With more people making purchases from home, now is a more important time than ever to secure your business against retail security threats. More and more customers are moving to online orders with gradual growth accelerated by five years in…

Advanced Threats April 7, 2020

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

6 min read - Financially motivated, adaptable, sophisticated and persistent, the ITG08 threat group is likely to remain one of the most potent cybercriminal groups in this new decade.

Retail March 11, 2020

How Retail Security Can Welcome IoT Innovations Without Putting Customers at Risk

4 min read - As organizations rely more on the IoT to enable internet connection at every part of the retail process, the right mindset can go a long way toward achieving a win-win for retail security.

Retail December 11, 2019

Staying Vigilant About Retail Security Does Not End on Black Friday

8 min read - As one of the most targeted industries, retailers should be taking measures to build a secure infrastructure ahead of the holidays and keep retail security evolving and maturing all year long.

Advanced Threats August 29, 2019

More_eggs, Anyone? Threat Actor ITG08 Strikes Again

14 min read - X-Force IRIS observed ITG08, which has historically targeted POS machines in the retail and hospitality sectors, injecting malicious code into online checkout pages to steal payment card data.

Endpoint April 17, 2019

How to Defend Your Organization Against Fileless Malware Attacks

4 min read - Fighting fileless malware attacks will take some serious effort and careful coordination among a variety of tools and techniques.

March 20, 2019

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

2 min read - Security researchers discovered a strain of POS malware dubbed GlitchPOS that comes with an instructional video to help would-be cybercriminals steal credit card data.

Data Protection January 3, 2019

The Gift That Keeps on Giving: PCI Compliance for Post-Holiday Season Returns

4 min read - Holiday spending is on the rise both in-store and online. How can retailers ensure PCI compliance to manage large transaction volumes and post-holiday refunds?