credit card security | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep . Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently. Magecart made headlines last year after attackers conducted several high-profile cyber attacks against major international companies including British Airways , Ticketmaster , and Newegg . Magecart hackers use a digital payment card skimmer, a few lines of malicious Javascript code they insert into the checkout page of hacked websites and designed to captured payment information of customers in real time and then send it to a remote attacker-controlled server. Earlier this year, Magecart attackers also compromised nearly 277 e-commerce websites in a supply-chain attack by inserting its

MasterCard has unveiled its brand new payment card that has a built-in biometric fingerprint scanner, allowing customers to authorize payments with their fingerprint, without requiring a PIN code or a signature. The company is already testing the new biometric payment cards, combined with the on-board chips, in South Africa and says it hopes to roll out the new cards to the rest of the world by the end of 2017. Don't Worry, It Still Supports PIN-based Transactions as Fallback Wait — If you think that this feature would not allow you to share your card with your child and spouse, don't worry — Mastercard has a solution for this issue as well. The company has confirmed that even if the card is configured to expect the fingerprint for authenticating a purchase, but it does still have a PIN as a fallback, in case, for some reason EMV readers fail to read fingerprint or you have yourself handed it to your child for shopping. Stores & Retailers Don't Need New Hardw

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

The son of a prominent Russian lawmaker has been found guilty in the United States of running a hacking scheme that stole and sold 2.9 million US credit card numbers using Point-of-Sale (POS) malware, costing financial institutions more than $169 Million. Roman Seleznev , 32, the son of Russian Parliament member Valery Seleznev, was arrested in 2014 while attempting to board a flight in the Maldives, which sparked an international dispute between American and Russian authorities, who characterized the extradition as a " kidnapping ." Prosecutors introduced evidence from a corrupted laptop seized by the authorities at the time of his arrest.  "I don't know of any case that has allowed such outrageous behavior," said his lawyer, John Henry Browne. Also Read: How to Freeze Credit Report To Protect Yourself Against Identity Theft . According to the Department of Justice, Seleznev, who also went by the moniker ' Track2 ' online, was convicted in

Hyatt Hotels Corporation is notifying its customers that credit card numbers and other sensitive information may have been stolen after it found malware on the computers that process customer payments. "We recently identified malware on computers that operate the payment processing systems for Hyatt-managed locations," the company announced on Wednesday. "As soon as we discovered the activity, we launched an investigation and engaged leading third-party cyber security experts." What type of information? The company didn't confirm whether the attackers succeeded in stealing payment card numbers, neither it say how long its network was infected or how many hotel chains were affected in the malware attack. But as the payment processing system was infected with credit-card-stealing malware, there is a possibility that hackers may have stolen credit card numbers and other sensitive information. What happened? Hyatt spokeswoman Stephanie Sheppard

The massive data breaches in U.S retailers ' Target ' and ' Neiman Marcus ', in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, have put a spotlight on the need for more secure transactions. To tackle this issue, the two major payment card brands, MasterCard and Visa have announced the formation of a new cross-industry group that will focus on the security of the enhancing payment system to keep pace with the expectations of consumers, retailers and financial institutions in the United States. " The recent high-profile breaches have served as a catalyst for much needed collaboration between the retail and financial services industry on the issue of payment security," says Ryan McInerney, president of Visa Inc. "As we have long said, no one industry or technology can solve the issue of payment system fraud on its own. " The joint effort aims to advance the migration to EMV chip cards, also kno