20 Jul 2022
By Mary

InfoSec News Nuggets 07/20/2022

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems 300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services. Magecart campaigns have been skimming payment-card credentials of unsuspecting customers using three online restaurant-ordering systems, affecting about 300 restaurants that use the services and compromising tens of thousands of cards so far, researchers have found. Two separate ongoing Magecart campaigns have injected e-skimmer scripts into the online ordering…
Read More
03 Feb 2022
By Mary

InfoSec News Nuggets 02/03/2022

Thousands of Malicious npm Packages Threaten Web Apps More than 1,300 malicious packages have been identified in the most oft-downloaded JavaScript package repository used by developers, npm, in the last six months — a rapid increase that showcases how npm has become a launchpad for a range of nefarious activities. New research from open-source security and management firm WhiteSource has discovered the disturbing increase in the delivery of malicious npm packages, which are used as building blocks for…
Read More
09 Apr 2021
By Mary

InfoSec News Nuggets 04/09/2021

Italian man arrested after allegedly paying hitman in cryptocurrency According to a Europol alert on Wednesday, the suspect dove into the darkest corners of the internet to find a hitman and eventually located a website claiming to offer these services on the dark web. It is necessary to use the Tor network to access the deep web -- an underlayer that is not indexed by typical search engines -- and a sector of this area, known as the…
Read More
29 Mar 2021
By Mary

InfoSec News Nuggets 03/29/2021

Credit Card Hacking Forum Gets Hacked, Exposing 300,000 Hackers’ Accounts Carding Mafia, a forum for stealing and trading credit cards has been hacked, exposing almost 300,000 user accounts, according to data breach notification service Have I Been Pwned. The data breach allegedly exposed the email addresses, IP addresses, usernames, and hashed passwords of 297,744 users. Have I Been Pwned announced the data breach on Tuesday, saying the breach happened last week. On the Carding Mafia forum and its public…
Read More