credit card hacking | Breaking Cybersecurity News | The Hacker News

Following the massive data breaches at eBay , Neiman Marcus Group and Michaels Stores , yet another private equity company Centerbridge Partners-backed restaurant chain P.F. Chang's China Bistro suffered a potential Credit and Debit card data breach. The Asian-themed casual dining restaurant chain confirmed on Thursday their customers' Credit and Debit card information were stolen in the cyber attack on its restaurants, saying it is temporarily switching to a manual Credit and Debit card imprinting system for all of its P.F. Chang's China Bistro branded restaurants located in the United States, in order to process cards safety. " At P.F. Chang's, the safety and security of our guests' payment information is a top priority, " said Rick Federico, CEO of P.F. Chang's. " Therefore, we have moved to a manual credit card imprinting system for all P.F. Chang's China Bistro branded restaurants located in the continental United States. This ensures our guests can

While shopping online we need to first surf through number of pages and then finally have to fill credit and debit cards details manually into the browser, which is the annoying for most of the user. But now the new Safari feature in iOS 8 solves this problem by integrating camera-based Credit and Debit card reader. Apple will soon introduce this feature to Safari in its latest Operating System iOS 8 that will allow its iPhone/iPad users to scan their physical credit and debit cards with their device camera and optical character recognition, according to 9to5Mac . So when a user has to shop online using their iPhone or iPad and reach the payment screen for payment, safari browser will automatically display this " Scan Credit Card " option. This option will help your camera to capture the image of your credit card, which the device will analyze by using the optical character recognition to input the card number into the appropriate text field in the online payment form

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Criminals will not let any way to cheat an ATM machine out of its cash, as it's one of the easiest way for them to get the hands on cash. ATM skimmers have now discovered a new and high-tech approach to target cash machines directly by inserting a physical notorious device into it instead. According to the Chinese press , two Ukrainian men arrested in Macau for reportedly planting the malicious software program in the seven Macau bank ATMs. This could came out as the quickest method to hack the cash machines. HACKING ATM MACHINES The two accused were arrested this week by the authorities in Macau, a Chinese territory approximately west of Hong Kong, but the two are from Ukraine and had successfully stolen almost $100,000 by corrupting more than seven ATMs with a computer virus. According to the authorities, the men allegedly used a green object device ( as shown in the image ) to carry out the money fraud. They first connected the device to a laptop and then inserted

In past few months, the malware developers are more focusing on proliferating and upgrading malicious malwares to target Point-of-Sale (POS) machines. Due to the lack of concern and security measures, point-of-sale (POS) systems have become an attractive target for cybercriminals and malware writers. BlackPOS malware caused massive data breaches in various US retailers targeting POS machines and the largest one is TARGET data breach occurred during the last Christmas holidays. The third-largest U.S. Retailer in which over 40 million Credit & Debit cards were stolen, used to pay for purchases at its 1500 stores nationwide in the U.S. Neiman Marcus, Michaels Store were also targeted involving the heist of possibly 110 million Credit-Debit cards, and personal information. BlackPOS malware was embedded in point-of-sale (POS) equipment at the checkout counters to collect secure data as the credit cards were swiped during transactions. Now the latest one is the ' Nemanj

A Russian Hacker who was arrested in year 2012 by the authorities of the Netherlands and accused for allegedly hacking into the computer networks of more than a dozen major American corporations and stole over 160 million Credit and Debit Card Numbers. Earlier we reported , 33-year-old Russian hacker Vladimir Drinkman is wanted in U.S and Russia for various cyber crime charges, and the Netherlands Court ruled simultaneous requests from the U.S. & Russia for the extradition were admissible. But now it's up to the Dutch Minister of Justice to decide, whether to which country he would be extradited. However, Hacker Vladimir Drinkman does not want to face charges in US and appealed to the Supreme Court of the Netherlands, Country's highest court, to avoid his extradition to the US, Bloomberg reported. In the U.S. District Court for the District of New Jersey , the U.S. prosecutor plead that he was involved in the theft of more than 160 million credit and debit-

The massive data breaches in U.S largest retailers ' Target ', marked the largest card heists in the U.S. history in which financial credentials of more than 110 million customers were compromised, have forced the retailer to take step towards more secure transactions. The retailer company on Tuesday said it is implementing chip-and-PIN payment card systems for its stores and will be soon working with the MasterCard to replace all of its REDcard customer cards to chip-and-PIN secured cards. The transition to chip-and-Pin-enabled REDcards is set to begin in early 2015. " The new payment terminals will be in all 1,797 U.S. stores by this September, six months ahead of schedule. In addition, by early next year, Target will enable all REDcards with chip-and-PIN technology and begin accepting payments from all chip-enabled cards in its stores, " the company said. The chip-and-PIN system, also known as the EMV standard. Instead of using a magnetic stripe to store fina

In the mid of last year a Group of Russian Hackers were accused for allegedly infiltrating the computer networks of more than a dozen major American and international corporations and stole 160 million credit card and debit card numbers over the course of seven years, which were then resold to third parties buyers. WANTED IN U.S AND RUSSIA A Rotterdam court in Netherlands ruled that simultaneous requests from the U.S. and Russia for the extradition of the Russian hacker  Vladimir Drinkman  were admissible,  who is accused of being involved to lead the largest data theft case ever prosecuted in the U.S history, Bloomberg report . But it's not yet clear why Russia demands Drinkman 's extradition, "It's now up to the minister of justice to decide on the extradition, and to decide which country." court ruled. The investigators identified that the defendants have been infiltrating computer networks across the globe since at least 2007, including firms in New Jer

A new dangerous variant of ZeuS Banking Trojan has been identified by Comodo AV labs which is signed by stolen Digital Certificate which belongs to Microsoft Developer to avoid detection from Web browsers and anti-virus systems. Every Windows PC in the world is set to accept software " signed " with Microsoft's digital certificates of authenticity, an extremely sensitive cryptography seal. Cyber Criminals somehow managed to hack valid Microsoft digital certificate, used it to trick users and admins into trusting the file. Since the executable is digitally signed by the Microsoft developer no antivirus tool could find it as malicious. Digitally signed malware received a lot of media attention last year. Reportedly, more than 200,000 unique malware binaries were discovered in past two years signed with valid digital signatures. A Comodo User submitted a sample of the malicious software that attempts to trick user by masquerading itself as file of Intern

800 Million US based Credit and Debit cards compromised! Really it's a big number and till now it has not been sized by the cyber security officials but a hacker group claims that they had stolen data on hundreds of millions of U.S. card accounts. Last week, the hacker group called itself Anonymous Ukraine ( Op_Ukraine) , said it has seized information pertained to 800 million U.S. credit and debit card accounts, including the cards' data belong to U.S. President Obama and other political figures. The group says the intention behind this data theft is to harm the U.S. economy. The messages posted on March 24 shows clearly that they were by anti-American. The first message read, " After the USA showed its true face when she unilaterally decides which of the peoples to live independently and who under the yoke of the Federal Reserve, we decided to show the world who is behind the future collapse of the American banking system. We own all the financial information of the

The massive data breaches in U.S retailers ' Target ' and ' Neiman Marcus ', in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, have put a spotlight on the need for more secure transactions. To tackle this issue, the two major payment card brands, MasterCard and Visa have announced the formation of a new cross-industry group that will focus on the security of the enhancing payment system to keep pace with the expectations of consumers, retailers and financial institutions in the United States. " The recent high-profile breaches have served as a catalyst for much needed collaboration between the retail and financial services industry on the issue of payment security," says Ryan McInerney, president of Visa Inc. "As we have long said, no one industry or technology can solve the issue of payment system fraud on its own. " The joint effort aims to advance the migration to EMV chip cards, also kno

If you have an account at the popular crowd funding site Kickstarter , it's time to change your account's password. Kickstarter's CEO Yancey Strickle r says that the company has been hacked by an unknown hacker earlier this week. Kickstarter said in a blog post that no credit card information was stolen in Data Breach , but users' personal information has been compromised and they also haven't found evidence of unauthorized activities on accounts. Data accessed and stolen by hackers included usernames, email addresses, mailing addresses, phone numbers and encrypted passwords of the users. Facebook usernames and logins were not compromised for those who use that log-in system to get on Kickstarter. According to a Kickstarter's team member, the older users' passwords were encrypted using salted SHA1  and newer users' passwords are encrypted with a stronger hashing algorithm called ' bcrypt '. Hackers could attempt to crack the encrypted pa

Till now we all have heard about the Ransomware malware that encrypts your files or lock down your computer and ask for a ransom amount to be paid in a specified duration of time to unlock it. Emsisoft has detected a new piece of malware called " Linkup ", dubbed as " Trojan-Ransom.Win32.Linkup " that doesn't lock your computer or encrypts files; rather it blocks your Internet access by modifying the DNS settings, with the ability to turn your computer into a Bitcoin mining robot.  Sounds Interesting?? Once the Linkup Trojan is installed in your system, it makes a copy of itself and disables the selected Windows Security and Firewall services to facilitate the infection. Injected poisoned DNS Server will only allow the malware and Bitcoin miner to communicate with the internet. It display a bogus notification on the victim's web browser, which is supposed to be from the Council of Europe , that accuses you of viewing " Child Pornography " and only returns th

Western landscapes are facing a hell lot of data breaches started with Target , Neiman Marcus and now country's largest crafts chain ' Michael's Art and Crafts ' may be is the latest retailer hit by a security breach. In a statement, Irving, Texas-based company acknowledged a possible data security breach that may have affected its customers' payment card information at its 1250 stores across the United States and Canada. They also announced that it is working closely with federal law enforcement and is conducting an investigation with the help of third-party data security experts to establish the facts. " Michaels said in its statement that it had "recently learned of possible fraudulent activity on some US payment cards that had been used at Michaels, suggesting that the company may have experienced a data security attack " company said . CEO Chuck Rubin said that the company has not confirmed a breach, but wanted to alert customers:

I think you haven't forgotten the massive data breach occurred at TARGET , the third-largest U.S. Retailer during last Christmas Holidays. People shop during Black Friday sales in which over 40 million Credit & Debit cards were stolen, used to pay for purchases at its 1500 stores nationwide in the U.S. TARGET officially confirmed that the encrypted PINs (personal identification numbers) of payment cards were stolen in the breach, since the stolen pin data were in encrypted form so they were confident that the information was " Safe and Secure ", because PIN cannot be decrypted without the right key. The Breach was caused by a malware attack, that allowed the criminals to manipulate Point of Sale (PoS) systems without raising red flags and the card numbers compromised in the breach are now flooding underground forums for sale. Possibly a group of Eastern European cyber criminals who specializes in attacks on merchants and Point-of-Sale terminals either attached a physical device

The Senate Judiciary Committee Chairman ' Patrick Leahy ' reintroduced a revamped version of the " Personal Data Privacy and Security Act " for tough criminal penalties for hackers, that he originally authored in 2005. During last Christmas Holidays, a massive data breach had occurred at the shopping giant  Target,  involving hack of 40 million credit & debit cards, used to pay for purchases at its 1500 stores nationwide in the U.S. Reason: "Target Data Breach? Seriously"?  In a statement, as published below, the Senator wrote: "The recent data breach at Target involving the debit and credit card data of as many as 40 million customers during the Christmas holidays is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our Nation" It seems that the  TARGET Breach  was scheduled, as the best opportunity to ramp up the cyber secu

Cybercrime , identity theft, and frauds are on the rise; and in most cases, the data breaches are associated with credit cards and cardholder data. The impact of data breach not only affects your organization, but also your customers. A common observation cites that organizations that are PCI compliant are 50% less likely to suffer a data breach . It is alarming to notice that most organizations have difficulty complying with the requirements necessary for processing cardholder data . PCI makes the process smooth Based on the feedback from the industry, PCI Security Council has introduced some changes in the compliance regulations and has come up with version 3.0 for PCI compliance whose final version is scheduled for release on November 7, 2013. And, it is expected to be effective from January 2014. So, how will the upgraded version of PCI Compliance impact your organization? Awareness :  Most security breaches happen due to lack of awareness in the following areas: