details

now browsing by tag

 
 

#infosec | Magento Marketplace Breach Exposes User Details

Source: National Cyber Security – Produced By Gregory Evans

Users of one of the world’s most popular e-commerce marketplaces have been informed that their account information may have been stolen after a data breach at the firm.

The Adobe-owned Magento Marketplace offers thousands of free and premium extensions and themes for users to customize online stores built on the open source platform for e-tailers.

However, the Magento team “became aware of” a vulnerability in the marketplace on November 21, according to a brief statement from Jason Woosley, vice-president of commerce product & platform in Adobe’s experience business.

“We temporarily took down the Magento Marketplace in order to address the issue. The Marketplace is back online. This issue did not affect the operation of any Magento core products or services,” he continued. “We have notified impacted Magento Marketplace account holders directly.”

In an email to affected customers, Magento Marketplace support described the vulnerability as allowing an unauthorized third party to access information including: name, email, MageID, billing and shipping address and phone number, and “limited commercial information.”

Although no passwords or financial information were disclosed, the haul would still allow scammers to attempt follow-on phishing or identity fraud.

It’s unclear how many users were affected, but Woosley claimed the Magento Marketplace is “the largest open source community in e-commerce.”

Magento is no stranger to security incidents: many of the infamous Magecart digital skimming attacks are designed to harvest card data from companies running implementations. In fact, Magento was forced to patch over 30 bugs in an urgent security update earlier this year.

One security company warned earlier this month that slated end-of-support for Magento 1, which powers around 12% of the world’s e-commerce sites, could provide hackers with even more opportunities to target exposed sites.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Magento Marketplace Breach Exposes User Details appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #infosec | Hackers attack OnePlus again – this time stealing customer details – HOTforSecurity

Source: National Cyber Security – Produced By Gregory Evans

Hackers have once again successfully compromised the website of Chinese phone manufacturer OnePlus.

Back in January 2018 it was revealed that the credit card details of some 40,000 people using the OnePlus website had been stolen by hackers. On that occasion the attackers managed to inject a malicious script into an payment webpage that skimmed card data as it was entered by customers.

At the time OnePlus said it was conducting an indepth security audit of its systems.

The latest security incident, detailed by OnePlus in an FAQ on its website, isn’t as serious as the payment card breach – but could still lead to customers being put at risk by fraudsters and online criminals.

The cellphone manufacturer has confirmed that customers’ names, contact numbers, email addresses and shipping details have been accessed by an unauthorised party via a vulnerability on its website.

Fortunately, payment information and passwords have not been compromised.

OnePlus has not revealed just how many customers have been impacted by the data breach, but says that all affected users have been sent an email notifying them of the security incident.

Of course, even if your passwords and payment details haven’t been exposed in this latest hack – that doesn’t mean that users have nothing to worry about.

Online criminals could abuse users’ names and contact details to launch phishing attacks, spread spam, or even attempt to commit fraud over the telephone.

Of course, the challenge for affected users is that – unlike passwords – details such as your name and contact details can not be easily changed.

Customers are being advised to contact OnePlus’s support team for assistance if they have any concerns.

According to the company it has since patched the vulnerable website, and checked it for similar security flaws:

“We’ve inspected our website thoroughly to ensure that there are no similar security flaws. We are continually upgrading our security program – we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.”

No details have been shared of the nature of the website vulnerability which allowed the hackers to access customer data, but OnePlus must realise that the patience of customers is not limited – and for a second serious security breach to have occurred in a relatively short period of time will have done nothing to strengthen users’ trust in the brand.

More transparency about what has occurred and how, combined with strengthened security, would go a long way to reassure customers who must be feeling rattled by this latest incident.

OnePlus says it has informed the authorities about the data breach and is working with the police to further investigate who might be responsible for the attack.

Source link

The post #cybersecurity | #infosec | Hackers attack OnePlus again – this time stealing customer details – HOTforSecurity appeared first on National Cyber Security.

View full post on National Cyber Security

NETFLIX PHISHING CAMPAIGN STEALS CUSTOMERS’ CREDIT CARD DETAILS

Source: National Cyber Security – Produced By Gregory Evans

Netflix customers are being targeted by hackers posing as employees of the video streaming website in order to steal their credit card details. Researchers at the cybersecurity firm PhishMe uncovered the phishing campaign, which sent out Netflix-branded emails claiming to be from the company’s support team. Emails in the campaign…

The post NETFLIX PHISHING CAMPAIGN STEALS CUSTOMERS’ CREDIT CARD DETAILS appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Debenhams Flowers hacked: Credit card details of 26,000 people stolen

Source: National Cyber Security – Produced By Gregory Evans

Debenhams Flowers hacked: Credit card details of 26,000 people stolen

Hackers have stolen the personal data and financial details of tens of thousands of Debenhams customers, the company has admitted. In a cyber attack against a third party firm that runs the retailer’s online florist, Debenhams Flowers, hackers managed to take the names, addresses and financial information of 26,000 customers. Cyber criminals had access to the systems of Economova, the …

The post Debenhams Flowers hacked: Credit card details of 26,000 people stolen appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Malwarebytes Details Cybersecurity Threats Seen During Q1 2017 For Windows, MacOS And Android

Source: National Cyber Security – Produced By Gregory Evans

Many people don’t know as much about personal cybersecurity as they think they do. The bad news is that misunderstanding and lack of knowledge can put you at serious risk. The good news is that in many cases simply knowing …

The post Malwarebytes Details Cybersecurity Threats Seen During Q1 2017 For Windows, MacOS And Android appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Singapore’s defence ministry targeted by hackers, personal details of soldiers stolen

Singapore’s defence ministry said Tuesday that hackers had stolen the personal details of hundreds of staff and soldiers in what appeared to be a “targeted” cyber attack on its computer systems. Officials said hackers had not collected any classified data … View full post on National Cyber Security Ventures hacker proof, #hackerproof

The post Singapore’s defence ministry targeted by hackers, personal details of soldiers stolen appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

Grand Theft Auto forum shut down after hack exposes up to 200,000 user details

gta-5-pc-coming-soon

Source: National Cyber Security – Produced By Gregory Evans

Grand Theft Auto forum shut down after hack exposes up to 200,000 user details

Up to 200,000 users of a Grand Theft Auto fan site have had their personal details exposed online after the website’s online forum was breached by hackers last month by exploiting security flaws in a piece of software called vBulletin.

The post Grand Theft Auto forum shut down after hack exposes up to 200,000 user details appeared first on National Cyber Security.

View full post on National Cyber Security

Hillary Clinton Declares: I Sweat the Policy Details on Education, Children’s Issues – Politics K-12 – Education Week

The Democratic presidential nominee’s Thursday speech on the night she accepted her party’s nod capped a four-day convention during which many speakers praised her work for disadvantaged children.

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post Hillary Clinton Declares: I Sweat the Policy Details on Education, Children’s Issues – Politics K-12 – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Adding Details to Writing with Degas

If you teach writing at the elementary level, you’ve probably read quite a few student-written “bed-to-bed” narrative stories. You know the ones — they begin with the student waking up, list the events that happened […]

The post Adding Details to Writing with Degas appeared first on EducationCloset.

View full post on EducationCloset







#pso #htcs #b4inc

Read More

The post Adding Details to Writing with Degas appeared first on Parent Security Online.

View full post on Parent Security Online