RSS

Category: e-Commerce

Hey Facebook: Forget The Winklevoss Twins – Data Security Adversaries Are On The Way

Facebook IPO

As you folks over at Facebook prepare to make your initial public offering, before you switch gears to planning your IPO parties and stock-option fueled vacations, take a moment to consider data security. After all, Facebook is nothing without data – volumes and volumes of it. And all that data needs to remain available, accessible, private (sometimes), and authentic, 24 hours a day, from now until…forever. Over the last few years, millions of people have entrusted Facebook with everything from…

Click for complete article >>

Pain Comes Immediately – Secure Development Takes TimeTeam Shatter Exclusive

Fever

I recently came upon a blog post by Adrian Lane of Securosis titled ‘Pain comes instantly – fixes come later’, in which he comments on yet another blog post ‘Pain comes instantly’ by Oracle’s CSO, Mary Ann Davidson. Anything ‘Oracle security’ always gets me curious, so I went ahead and worked my way through both articles. Let’s just say one of them is a rather lengthy read. The core point of Mary Ann Davidson’s post is an objection she has…

Click for complete article >>

Hackers Crack Steam Database

Posted November 11, 2011 by TeamSHATTER Admin in Attack Vectors, Data Breach, Database Security, e-Commerce, Gaming, Hacker News, Technology with 0 comments
steam database hack

Steam, one of the world’s largest online gaming platforms with 35 million users across the globe, is reporting a breach of its customer database.”Our Steam forums were defaced on the evening of Sunday, Nov. 6,” said Gabe Newell, co-founder and managing director of Steam parent company Valve, in a statement on the company’s website. “We began investigating and found that the intrusion goes beyond the Steam forums. “We learned that intruders obtained access to a Steam database in addition to…

Click for complete article >>

Anonymous Hacks Wal-Mart, CapitalOne, Finland, El Salvador

anonymous arrested

It’s been a busy few days for the hacktivist collective known as Anonymous. On Saturday, Anonymous released data it had stolen after hacking the websites of CapitalOne and Wal-Mart. According to Anonymous, its data dump includes information on everyone from Warren Buffet and Michael Bloomberg to Monsanto CEO Hugh Grant and embattled ex-Harvard president and former Obama financial advisor Lawrence Summers. Also on Saturday, the group released a YouTube video calling for people to occupy “campaign offices of presidential headquarters…

Click for complete article >>

Adidas Websites Hit With ‘Sophisticated’ Hack

Posted November 7, 2011 by TeamSHATTER Admin in Data Breach, Database Security, e-Commerce, Retail with 0 comments
adidas website hack

Adidas has taken some of its websites offline as a precaution following the discovery of a “sophisticated, criminal cyber-attack”. The sportswear manufacturer said it decided to take potentially affected websites offline, as a precaution, following the discovery last Thursday of a hack attack. It reassured customers that it had no reason to think consumers’ data had been exposed as the result of the assault, the causes of which it is continuing to investigate. In a statement [1] (extract below), Adidas…

Click for complete article >>

Lush Founder: Website Business Yet To Return To Pre-Hack Numbers

Posted October 24, 2011 by TeamSHATTER Admin in Breach Costs, Data Breach, Database Security, e-Commerce with 0 comments
Lush Breach ICO

The founder of cosmetics retailer Lush has said web sales are slowly returning following a hacking incident. Mark Constantine told Insider that the level of increasing business on the website is yet to return to pre-hack numbers.  He said: “We were running toward 40 and 50 per cent up year on year each time on the website. And now we’re running at about 10-15 per cent.” “It was more of an education than a disaster because you know in your…

Click for complete article >>

Lush To Launch New Website In Wake Of Hacking

Lush Breach ICO

Online retailer Lush is planning to launch a new community-focused website this autumn, replacing one that was taken down earlier this year after a data protection breach left up to 5,000 of its customers exposed to hackers. The news follows a ruling this week by the Information Commissioner’s Office (ICO) that the handmade cosmetics company breached the Data Protection Act when its website security was compromised for four months. The ICO has now warned other online retailers to make sure…

Click for complete article >>

Mass iFrame Injection Attack Hits More Than 3 Million Pages

Posted August 2, 2011 by TeamSHATTER Admin in Attack Vectors, Data Breach, Database Security, e-Commerce with 0 comments
iframe injection attack

The recently discovered iFrame injection campaign rages on, as the number of compromised web pages goes from 90,000+ to over three million. Armorize researchers have been keeping an eye on the unfolding situation and point out that the attackers are taking advantage of a number of vulnerabilities in the Open Source online shop e-commerce solution osCommerce. The injected iFrames point to the willysy.com and exero.eu domains and through a series of redirections and JavaScript loadings of additional iFrames takes the…

Click for complete article >>
Powered by