gift cards | Breaking Cybersecurity News | The Hacker News

Gift cards have once again caused quite a headache for retailers, as cyber criminals are using a botnet to break into and steal cash from money-loaded gift cards provided by major retailers around the globe. Dubbed GiftGhostBot , the new botnet specialized in gift card fraud is an advanced persistent bot (APB) that has been spotted in the wild by cyber security firm Distil Networks. GiftGhostBot has been seen attacking almost 1,000 websites worldwide and defrauding legitimate consumers of the money loaded on gift cards since Distil detected the attack late last month. According to the security firm, any website – from luxury retailers, supermarkets to coffee distributors – that allow their customers to buy products with gift cards could be targeted by the botnet. Operators of the GiftGhostBot botnet launch brute-force attacks against retailer's website to check potential gift card account numbers at a rate of about 1.7 Million numbers per hour, and request the balance f...

A popular scam that always seems to pop up around the holiday shopping season has once again resurfaced.Have you gotten a text message promising a free gift card? All you have to do is click on a link? However, it was a scam. Case :  A text message has been popping up on Central New Yorkers' phones saying they've won a Target gift card worth $1,000. It's a scam – do not click on it and quickly delete it. Links within the message connect you to bogus websites that are designed to collect sensitive, private information from people who think they've really won a prize. The text messages most frequently come from Target, Best Buy or Walmart. How did someone get your number?   How many times have we filled out things for either restaurant surveys or fill out this survey and get a coupon? If that information isn't being properly secured, it's very easy to get that data if its saved in clear text or unencrypted data. People have their cell phone ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...