Friday, May 24, 2019

E-retail theft is a lucrative business

E-retail theft is a lucrative business 

Traditionally, payment credentials stolen from brick-and-mortar stores were able to command a higher price on the Dark Web than card-not-present data (also known as CNP). However, it seems like the market dynamics have recently shifted, as this information is now being used to target online retailers.

Consequently, the demand for these credentials is far outpacing supply, driving up the price. The economics can be explained by the recent US migration towards chip-based payment cards, which offer a superior level of fraud protection for in-store purchases.

Such news has broad implications for both consumers and companies operating in today’s digital ecosystem. Security has to be a constant priority, since payment trends will give way to new threats, and tomorrow’s vulnerabilities will not be the same as those existing today. In order to keep a continuous pulse on your employee and customer data, consider partnering up with an MSP that implements proactive Dark Web monitoring (like ours).

https://krebsonsecurity.com/2019/04/data-e-retail-hacks-more-lucrative-than-ever/

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Wednesday, May 22, 2019

In Other News:

In Other News:

Your Google Chrome extension may be an accomplice to phishing scams 

Users of the popular Google Chrome browser could be susceptible to a new phishing scam. Android mobile users running Google Chrome might be familiar with the browser’s aesthetic, user-experience guided method of hiding the address bar when a user scrolls through a website. However, perpetrators of phishing scams are now using this feature to display a fake URL bar that persists when users scroll.

At the same time, the fictitious URL bar can display the credentials of real websites, making users think they are viewing an authentic website. By hiding the original URL bar, users can be easily directed towards malicious third-party sites where users could expose their personal or financial data.

This vulnerability is being exploited to execute effective phishing scams that quickly capture users most sensitive information. Beware!



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Monday, May 20, 2019

Week in Breach

This week, software companies are put under siege by ransomware, computer viruses infect Austrian construction company, and a flaw in Google Chrome may lead to phishing scams. 
Dark Web ID Trends:
Top Source Hits: ID Theft Forums (99%) 
Top Compromise Type: 
Domain (99%)
Top Industry: 
Finance & Insurance
Top Employee Count: 
11 - 50 Employees 



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Friday, May 17, 2019

A new study reveals data exposure from hotel reservations


In Other News:

A new study reveals data exposure from hotel reservations

Symantec’s recent report on the security vulnerabilities of hotel websites found that the majority of them are leaking customer data.

The study was exhaustive, including 1,500 hotels in 54 countries and covering the gauntlet of lost-cost and high-end hotels. However, no single panacea was presented as a solution for the issue. Instead, different companies faced unique vulnerabilities to their systems and processes.

For instance, most hotels send guests a link to manage their reservation, but some hotels fail to encrypt this data, making it easily accessible to hackers and others accessing this information. At the same time, hotels collaborating with discount sites and advertisers are making guest data available to these third-party partners, elongating the exposure.

Moreover, the company found that hotels are uniquely susceptible to brute force attacks, a unique vulnerability that could allow bad actors to target specific individuals including CEOs, celebrities, or conference attendees.

Coming on the heels of the Marriott breach that revealed the information of 500 million guests, this report is a reminder to the industry that they need to be particularly aware of their security vulnerabilities and to take steps to protect customer information. Software solutions like BullPhish ID can mitigate many of these issues at the root source by helping you gain a thorough understanding of your company’s unique cybersecurity needs.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com