The State of Hacker-Powered Security in Retail and Hospitality

Increasingly, retail and hospitality applications are under attack by malicious threat actors exploiting web vulnerabilities. Thankfully, there’s a huge community of talented andtenacious ethical hackers who specialize in the retail and hospitality industries and can bring to your organization’s security. Thousands of the world’s most influential brands — including Hyatt, Beiersdorf, A.S. Watson, Delivery Hero,…

Read More

10 Critical PCI DSS Compliance Pitfalls Retailers Must Navigate

In today’s digital retail landscape, PCI DSS compliance is not just a regulatory requirement—it’s a critical business imperative. As a seasoned QSA and security consultant with over two and half decades of experience, I’ve witnessed firsthand the devastating impact of data breaches on businesses. Did you know that 60% of small businesses close within six…

Read More

Netskope Report Details Exponential Increase in Microsoft Sway QR Code Phishing

Summary On 27 August 2024, Cybersecurity researchers from Netskope released a new report calling attention to a new QR code phishing, also known as quishing, campaign that leverages Microsoft Sway infrastructure to host fake pages, highlighting the abuse of legitimate cloud offerings for malicious purposes. In July 2024, Netskope Threat Labs tracked a 2,000-fold increase in traffic to…

Read More

Security and Bot Management is Crucial for eCommerce During Back-to-School Sales

For eCommerce companies targeting the increasing number of parents shopping for back-to-school supplies, having strong online security measures is essential. With the continued rise of online shopping, the sophistication of cyber threats is also increasing. Hackers and malicious bots can exploit vulnerabilities in eCommerce platforms, leading to data breaches that compromise sensitive customer information, including…

Read More

FIN7 Found Hosting Malicious Domains Hosted on Tech Internal Infrastructure

Summary Team Cymru, Silent Push, and Stark Industries Solutions have released a report detailing a collaborative investigation between all three entities targeting the financial threat group, FIN7. Despite past disruptions, FIN7 remains active, employing a range of tactics to evade detection. Silent Push’s research identified a significant number of domains linked to FIN7, a portion of…

Read More