Web.com Latest Hacking Victim
Hackers gain unauthorized access to the computers of Internet services provider Web.com Group and stole credit card information of 93,000 customers.
According to a website set up by the company to share information about the incident, Web.com discovered the security breach on Aug. 13 as part of its ongoing security monitoring.
Attackers compromised credit card information for around 93,000 accounts, as well as the names and addresses associated with them. No other customer information like social security numbers was affected, the company said.
According to the company, the verification codes for the exposed credit cards were not leaked. However, there are websites on the Internet that don’t require such codes for purchases.
Web.com has notified affected customers via email and will also follow up with letters sent through the U.S. Postal Service. Those users can sign up for a one-year free credit monitoring service.
The company did not specify how the intruders gained access to its systems, but has hired a “nationally recognized” IT security firm to conduct an investigation.
Web.com provides a variety of online services, including website and Facebook page design, e-commerce and marketing solutions, domain registration and Web hosting. The company claims to have over 3.3 million customers and owns two other well known Web services companies: Register.com and Network Solutions.
Register.com and Network Solutions customers were not impacted by this breach unless they also purchased services directly from Web.com.
Source-http://www.thegurureview.net/aroundnet-category/web-com-latest-victim-of-credit-card-hacking.html
Self-Healing Software On The Way
Researchers at the University of Utah have developed self-healing software that detects, expunges and protects against malware in virtual machines.
Called Advanced Adaptive Applications (A3), the software suite was created in collaboration with US defence contractor Raytheon BBN over a period of four years.
It was funded by DARPA through its Clean-Slate Design of Resilient, Adaptive, Secure Hosts programme, and was completed in September, Science Daily reported on Thursday.
A3 features “stackable debuggers”, a number of debugging applications that cooperate to monitor virtual machines for indications of unusual behaviour.
Instead of checking computer object code against a catalogue of known viruses and other malware, the A3 software suite can detect the operation of malicious code heuristically, based on the types of function it attempts.
Once the A3 software detects malicious code, it can apparently suspend the offending process or thread – stopping it in its tracks – repair the damage and remove it from the virtual machine environment, and learn to recognise that piece of malware to prevent it entering the system again.
The self-healing software was developed for military applications to support cyber security for mission-critical systems, but it could also be useful in commercial web hosting and cloud computing operations.
If malware gets into such systems, A3 software could detect and repair the attack within minutes.
The university and Raytheon demonstrated the A3 software suite to DARPA in September by testing it against the notorious Shellshock exploit known as the Bash Bug.
A3 detected and repaired the Shellshock attack on a web server within four minutes. The project team also tested A3 successfully on another six examples of malware.
Eric Eide, the research associate professor of computer science who led the A3 project team along with computer science associate professor John Regehr, said: “It’s pretty cool when you can pick the Bug of the Week and it works.”
The A3 self-healing software suite is open source, so it’s free for anyone to use, and the university researchers would like to extend its applicability to cloud computing environments and, perhaps eventually, end-user computing.
Professor Eide said: “A3 technologies could find their way into consumer products someday, which would help consumer devices protect themselves against fast-spreading malware or internal corruption of software components. But we haven’t tried those experiments yet.”
Twitter To Allow Monet Tweets
October 22, 2014 by admin
Filed under Around The Net
Comments Off on Twitter To Allow Monet Tweets
One of France’s largest banks is partnering with social network Twitter Inc. to allow its customers to transfer money via tweets.
The move by Groupe BPCE, France’s second largest bank by customers, coincides with Twitter’s own foray into the world of online payments as the social network seeks new sources of revenue beyond advertising.
Twitter is racing other tech giants Apple and Facebook to get a foothold in new payment services for mobile phones or apps. They are collaborating and, in some cases, competing with banks and credit card issuers that have run the business for decades.
The bank said last month it was prepared to offer simple person-to-person money transfers via Twitter to French consumers, regardless of what bank they use, and without requiring the sender know the recipient’s banking details.
“(S-Money) offers Twitter users in France a new way to send each other money, irrespective of their bank and without having to enter the beneficiary’s bank details, with a simple tweet,” Nicolas Chatillon, chief executive of S-Money, BPCE’s mobile payments unit, said in the statement.
Payment by tweets will be managed via the bank’s S-Money service, which allows money transfers via text message and relies on the credit-card industry’s data security standards.
BPCE and Twitter declined to provide further details ahead of a news conference in Paris later today to unveil the service.
Last month, Twitter started trials of its own new service, dubbed “Twitter Buy”, to allow consumers to find and buy products on its social network.
The service embeds a “Twitter Buy” button inside tweets posted by more than two dozen stores, music artists and non-profits. Burberry, Home Depot, and musicians such as Pharrell and Megadeth are among the early vendors.
Twitter’s role to date has been to connect customers rather than processing payments or checking their identities.
eBay Expands Mobile Shopping
July 21, 2014 by admin
Filed under Around The Net
Comments Off on eBay Expands Mobile Shopping
Braintree, the payments gateway owned by eBay Inc, is working on removing a hurdle for e-commerce companies by making it easier for customers to directly pay for products on their smart phones.
The company rolled out a set of tools for software developers on Wednesday that allows businesses to deduct payments directly from a customer’s PayPal account.
The developer kit is the first big push from Braintree since it was bought by eBay for $800 million last year to help PayPal, eBay’s payments division, expand its presence on mobile devices.
Eliminating the need for mobile shoppers to type in their credit card details on their phones should help boost sales, Braintree Chief Executive Bill Ready said in an interview.
This is especially critical as consumers spend more time on their smartphones, a trend that is forcing developers to design a “fundamentally different computing experience” for the smaller screen, Ready added.
Braintree processes payments for businesses including car service Uber and online home-rental marketplace Airbnb.
PoS Cyber Attacks Up In 2013
June 4, 2014 by admin
Filed under Around The Net
Comments Off on PoS Cyber Attacks Up In 2013
A third of data intrusion investigated by security firm Trustwave last year involved compromises of point-of-sale (POS) systems and over half of all intrusions targeted payment card data.
Even though POS systems remained a significant target for attackers, as suggested by several high-profile data breaches disclosed by large retailers over the past six months, the largest number of data theft incidents last year actually involved e-commerce sites, Trustwave said Wednesday in a report that compiled data from 691 data breach investigations conducted by the company around the world.
E-commerce intrusions accounted for 54 percent of investigated data breaches and POS system intrusions accounted for 33 percent, Trustwave said. A separate report published by Verizon in April also pointed to Web application and PoS attacks as leading causes of security incidents with confirmed data disclosure last year.
According to Trustwave, over half of intrusions targeted payment-card data, with such data being stolen from e-commerce transactions in 36 percent of incidents and from POS transactions in 19 percent of attacks.
In Western Europe in particular, where countries have rolled out EMV — chip-and-PIN payment card transactions — cybercriminals shifted their focus from POS devices to e-commerce platforms, said John Yeo, EMEA Director at Trustwave. “EMV has changed the pattern of compromises when it comes to payment-card-specific data.”
However, a significant increase in the theft of sensitive, non-payment-card data, was also observed last year. This data includes financial credentials, personally identifiable information, merchant ID numbers and internal company communications, and was stolen in 45 percent of incidents, Trustwave said in the report.
Customer records containing personally identifiable information can possibly be used to perpetrate identity fraud and are sought after on the black market, so that’s why there’s been an uptick in attacks focusing on such data, Yeo said.
Only about a third of victim companies were able to self-detect data breaches, Trustwave found. In 58 percent of cases, breaches were identified by regulatory bodies, the credit card companies or merchant banks.
Is NFC Catching On?
January 10, 2013 by admin
Filed under Around The Net
Comments Off on Is NFC Catching On?
Near Field Communication (NFC) is steadily gaining adoption in the U.S. for sharing data and music among smartphones, but the technology faces years of slow growth as a replacement for physical wallets.
NFC will take a minimum of three more years to grab hold as a technology that enables so-called mobile wallets as a replacement for credit cards and cash in the U.S., according to a consensus of five analysts. And by “grab hold,” these analysts mean being used by only 10% of mobile phone users to make digital purchases.
Gartner analyst Avivah Litan predicts that NFC payments will hit the 10% threshold in 2015, compared to the process of SMS (texting) payments that is expected to represent 50% of mobile payment volume globally in that same year. “We’re still on the edge when it comes to NFC innovation,” Litan says. “It will take a decade before it’s mainstream across the globe.”
Dozens of new smartphones that run Android, BlackBerry and Windows, and that include an NFC chip, launched last year. But Apple notably did not put NFC in its new iPhone 5 when the phone launched in September. That move “surely had a significant detrimental impact on industry adoption of NFC,” Litan says, given Apple’s influence in the mobile market.
Apple justified the move by saying that consumers already could use its Passbook app, which shows barcodes on the display, instead of NFC. The barcodes contain information that can be scanned by optical readers to let users board planes and redeem movie tickets — tasks that Apple notes are “the kinds of things consumers need today.”
Some have criticized Apple for omitting NFC from the iPhone 5, which has led to a widespread reassessment of NFC’s immediate future, especially in the U.S.
PayPal Unveils New Payment System
PayPal has unveiled a mobile payment product for customers that doesn’t require near-field communication (NFC) technology inside smartphones.
The system relies instead on using smartphones and other mobile devices to scan product bar codes and to authorize payments through PayPal mobile accounts. Shoppers will also be able to use credit-card scanning terminals commonly seen in grocery stores: The user inputs a phone number and PIN on the terminal’s keypad instead of swiping a credit or debit card.
PayPal President Scott Thompson laid out the basics of the plan in a blog posted Wednesday. In the blog, he also took a swipe at competitors, including Google, MasterCard, Visa and others, who are working with NFC in smartphones for a mobile wallet.
“Let’s be clear about something — we’re not just shoving a credit card on a phone,” Thompson said in his blog.
PayPal is already a major global force in online payments, with 100 million customers. While PayPal’s new payment technologies don’t rely on NFC, they do propose making in-store payments possible from any device and support GPS-based offers, according to Thompson’s blog. PayPal will even allow for customers to set up payments on credit after they’ve checked out.
Dozens of merchants got a sneak peak of the technology Wednesday at an event PayPal sponsored. The event was covered by All Things D, which was not allowed to take photographs, but posted a story. In addition to the payment methods shown in the PayPal video, that story said PayPal will allow customers to continue using plastic cards, issued by PayPal, for payment.
In an interview posted on AllThingsD, Thompson said the PayPal approach doesn’t require merchants to install new terminals, nor does it require customers to buy a new smartphone.
Visa Digital Wallet Coming
May 15, 2011 by admin
Filed under Smartphones
Comments Off on Visa Digital Wallet Coming
Visa Inc, the world’s largest credit and debit card processing network, is designing a digital wallet that people can use to pay for things on the Internet or with their phones instead of with traditional plastic cards.
The network said on Wednesday it is collaborating with several large U.S. and international banks to create the wallet. Its partners include US Bancorp, PNC Financial Services, Regions Financial, BB&T Corp, Toronto Dominion’s TD Bank and the U.S. arm of Barclays PLC.
The “digital wallet” will store the banks’ customers’ credit and debit card account information, both for Visa cards as well as other cards. People can use the wallet to pay for things online or in stores, Visa said.
The network will also have to convince merchants to put a new “one-click” button on their websites, so that potential customers can use their Visa digital wallets to buy things by clicking the button instead of by manually entering all of their account information every time they want to make an online purchase.
Banks, mobile phone operators and networks like Visa are all trying to gain territory in the small, but high-potential market for U.S. mobile payments. Last week Isis, a separate mobile payments venture run by three of the top four U.S. carriers, said it had modified its initial goals and was now open to working with Visa and MasterCard as it introduces its own mobile wallet.
Jim McCarthy, Visa’s head of global products, told Reuters in an interview on Wednesday that mobile payments in the United States “will more easily take off” from people using their smartphones’ browsers to buy things online.