Yet another web agency breach – this time it’s magecart and your privacy
YET ANOTHER WEB AGENCY BREACH – THIS TIME IT’S MAGECART AND YOUR PRIVACY A stealthy supply-chain attack has compromised more than 30 websites—including a credit
Webinar Replay: Understanding PCI DSS 4.0
Download the CoalFire whitepaper below
[Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1
Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0.
The most talked about and concerning new requirements in PCI DSS 4.0 fall under sections 6.4.3 and 11.6.1. For the first time, merchants are required to implement security controls to prevent eSkimming attacks. These new requirements require control of all scripts running on merchant eCommerce websites.
In this new whitepaper “A Holistic Approach to Protecting Credit Card Payment Flows,” CoalFire chimes in with background on the problem, guidance on scope, advice on how best to secure credit card data in eCommerce transactions, and a review of the Source Defense approach.
Other things you might be interested in
Sneaky skimmer steals credit cards after validation, disguised as legitimate JQuery library
SNEAKY SKIMMER STEALS CREDIT CARDS AFTER VALIDATION, DISGUISED AS LEGITIMATE JQUERY LIBRARY A travel company based in Texas has become the latest victim of a
A stealthy magecart attack with APT-style dyamic remote control, disguised as google analytics
A STEALTHY MAGECART ATTACK WITH APT-STYLE DYNAMIC REMOTE CONTROL, DISGUISED AS GOOGLE ANALYTICS A new Magecart attack pushes browser-based skimming much further—using a two-stage payload,
Double-entry magecart steals credit cards like a pickpocket, using fake “verification code” to fool victims
DOUBLE-ENTRY MAGECART STEALS CREDIT CARDS LIKE A PICKPOCKET, USING FAKE “VERIFICATION CODE” TO FOOL VICTIMS Resilient Magecart campaign mimics payment pages in 17 languages, rotates