Category Archives: Latest Security News

Maze Ransomware Gang to Shut Down Operations

Security researchers learned that the Maze digital crime gang is in the process of shutting down its ransomware operations. Bleeping Computer began hearing rumors of the shutdown in early September 2020. In an email conversation, a ransomware attacker told the computer self-help site that the Maze gang had stopped encrypting new victims in September 2020 […]… Read More

The post Maze Ransomware Gang to Shut Down Operations appeared first on The State of Security.

President Trump’s Campaign Website Defaced by Cryptocurrency Scammers

Unknown individuals temporarily defaced the official campaign website of President Donald Trump with a cryptocurrency scam. Twitter user Gabriel Lorenzo Greschler was among the first to spot the defacement, which is believed to have occurred at around 16:00 PST on October 27. .@realDonaldTrump's campaign website has been hacked. Doing research for a climate change article […]… Read More

The post President Trump’s Campaign Website Defaced by Cryptocurrency Scammers appeared first on The State of Security.

Amazon Discloses Security Incident Involving Customers’ Email Addresses

Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses. News of the security incident emerged over the weekend of October 23 when multiple users took to Twitter to voice their confusion over an email they had received from Amazon. In an email notification obtained by […]… Read More

The post Amazon Discloses Security Incident Involving Customers’ Email Addresses appeared first on The State of Security.

DOJ Says Iran Targeted American Voters with Threatening Emails

The U.S. Department of Justice (DOJ) said Iran was responsible for an attack campaign that targeted American voters with threatening emails. On October 21, the Justice Department held a press conference in which FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe linked Iran to a spam campaign making the rounds in the […]… Read More

The post DOJ Says Iran Targeted American Voters with Threatening Emails appeared first on The State of Security.

Montréal Public Transport Agency Discloses Ransomware Attack

A public transport agency operating in Montréal announced that a ransomware attack had affected its website and other systems. The Société de transport de Montréal (STM) disclosed the infection on a web page it created to keep customers updated about its services while its main site remains offline: Since the afternoon of October 19, the […]… Read More

The post Montréal Public Transport Agency Discloses Ransomware Attack appeared first on The State of Security.

Ransomware Gang Donated Part of Ransom Demands to Charities

A budding ransomware group donated part of the ransom demands that it had previously extorted from its victims to two charities. On October 13, the Darkside ransomware group announced the donations in a blog post on its dark web portal. As quoted by ZDNet: As we said in the first press release – we are […]… Read More

The post Ransomware Gang Donated Part of Ransom Demands to Charities appeared first on The State of Security.

U.S. Federal Court Issues Restraining Order against Tech Support Scheme

A federal court in the United States issued a temporary restraining order against a tech support scheme that’s alleged to have targeted U.S. consumers. On October 15, the U.S. District Court filed Southern District of Florida submitted a complaint against Michael Brian Cotter, 59, of Glendale, California. The complaint alleged that Cotter had worked with […]… Read More

The post U.S. Federal Court Issues Restraining Order against Tech Support Scheme appeared first on The State of Security.

Silent Librarian APT Targeting Universities with Spear Phishing Attacks

Security researchers discovered that an APT group known as “Silent Librarian” is actively targeting universities with spear phishing attacks. Malwarebytes learned in mid-September that Silent Librarian, also known as “TA407” and “COBALT DICKENS,” had launched a new attack campaign. In its analysis of the operation, the security firm found that the threat actor had registered […]… Read More

The post Silent Librarian APT Targeting Universities with Spear Phishing Attacks appeared first on The State of Security.

JavaScript Used by Phishing Page to Steal Magento Credentials

Digital attackers created a Magento phishing page that used JavaScript to exfiltrate the login credentials of its victims. Sucuri came across a compromised website using the filename “wp-order.php” during an investigation. This phishing page hosted what appeared to be a legitimate Magento 1.x login portal at the time of discovery. In support of this ruse, […]… Read More

The post JavaScript Used by Phishing Page to Steal Magento Credentials appeared first on The State of Security.

Fake Windows Defender Antivirus Theme Used to Spread QBot

Digital attackers incorporated a fake Windows Defender Antivirus theme into a malicious document in order to distribute QBot malware. According to Bleeping Computer, the QBot gang began using a new template for their email attack campaigns’ malicious documents beginning on August 25, 2020. The template adopted the disguise of a Windows Defender Antivirus alert in […]… Read More

The post Fake Windows Defender Antivirus Theme Used to Spread QBot appeared first on The State of Security.

Android Locker Variant Uses Innovative Sequence to Load Ransom Note

A new variant of a sophisticated Android locker family used an innovative sequence to load its ransom note on infected devices. On October 8, Microsoft Defender Research Team revealed that it had spotted a new Android locker variant using novel techniques to display its ransom note to its victims. This threat specifically targeted two components […]… Read More

The post Android Locker Variant Uses Innovative Sequence to Load Ransom Note appeared first on The State of Security.

New ‘MontysThree’ Toolset Used in Targeted Industrial Espionage Attacks

Researchers uncovered a new toolset they’ve dubbed “MontysThree” that has played a role in targeted industrial espionage attacks stretching back to 2018. In the summer of 2020, Kaspersky Lab discovered that an unknown actor had been using a modular C++ toolset called “MT3” to conduct targeted industrial espionage campaigns for years. The security firm analyzed […]… Read More

The post New ‘MontysThree’ Toolset Used in Targeted Industrial Espionage Attacks appeared first on The State of Security.

New Valak Variant Makes “Most Wanted Malware” List for First Time

An updated variant of the Valak malware family earned a place on a security firm’s “most wanted malware” list for the first time. Check Point revealed that an updated version of Valak ranked as the ninth most prevalent malware in its Global Threat Index for September 2020. First detected back in 2019, Valak garnered the […]… Read More

The post New Valak Variant Makes “Most Wanted Malware” List for First Time appeared first on The State of Security.

New Attack Abused Windows Error Reporting Service to Evade Detection

Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation manual.doc.” The security firm reasoned that those responsible for this attack had likely used spear-phishing emails to distribute the document, a file which […]… Read More

The post New Attack Abused Windows Error Reporting Service to Evade Detection appeared first on The State of Security.

Zerologon: Tripwire Industrial Visibility Threat Definition Update Released

Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10—the most critical rating of severity. Zerologon is a vulnerability that affects the cryptographic authentication […]… Read More

The post Zerologon: Tripwire Industrial Visibility Threat Definition Update Released appeared first on The State of Security.

eCommerce Payment System – How to Choose the Best One for Your eCommerce Startup?

There are 3,4 million digital payment system users worldwide. This figure is almost equal to the number of social media users globally and the half of word’s population to date. It is a strong enough reason to believe that online payments dominate the ways we pay for goods and transfer money. What is more, online payments for e-commerce websites are the features your online store can’t do without. So, here are all the answers to your “how” and “why” questions.

What Is an E-Payment System and Its Types?

An electronic payment system is special software that works as an intermediary the payer and the recipient of funds. In most cases, online payment systems work as non-interested parties, that is, they are only responsible for the money transfer, but not for the honesty of the relationship between the seller and buyer.

Using online payments, none of the parties need physical mediums like cash or checks. All the necessary documents and reports are formed automatically and online to be printed by any of the parties anytime.

Here are the main types of electronic payments.

  • Automated clearing house (ACH)
  • Wire transfers.
  • Item processing (IP)
  • Remote deposit capture (RDC)
  • FedLine Access Solutions.
  • Automated Teller Machines.
  • Card Services (ATM, credit, debit, prepaid)
  • Mobile payments.

What Are the Benefits of Using E-Payment Systems

  • Electronic commerce was invented to make shopping more comfortable and convenient. E-commerce payment system contributes to this goal even more.
  • Cash flows are difficult to track. This is the opinion of governments, financial institutions, business owners and a lot of ordinary people too. However, it is always easy to find put how do you spend a certain sum just be checking your financial or accounting app.
  • Electronic payments are almost instant, as well as traditional money hand-to-hand transfers. However, there is a strong reason not to do it now.
  • While other businesses suffered from a pandemic or even were completely banned, financial technology felt better than ever. Yes, precisely because it has become the safest way to use money without physical health risks. According to the recent research by BIS, “Research in microbiology examines whether pathogenic agents, including viruses, bacteria, fungi, and parasites can survive on banknotes and coins. Some viruses, including human flu, can persist for hours or days on banknotes, The Covid-19 virus can also survive on surfaces.” However, electronic payments protect you, your staff, and your customers from infection risks.

What Is the Role of an Online Payment System in E-Commerce?

Online payment is the main way to pay for the goods purchased from branded websites. What is more, there is almost no sense in the concept of e-commerce itself is there is no possibility to pay for the goods online since electronic commerce involves 100% electronic interaction between a company and a customer.

Yes, there is still cash on delivery option, which by the way, may have some benefits, but most online transactions are launched and completed online with the help of an electronic payment system in e-commerce.

What Are the Payment Options You May Choose for Your Ecommerce Store?

Here are the payment options that may potentially suit your eCommerce project. Leading e-commerce brands are using all of them at once, and it greatly contributes to the development of good relations and trust.

However, not all the alternatives may be needed for your startup since each e-commerce idea is specific. Find out what do your potential customers expect before utilizing any of them.

Credit/debit  cards In practice, this approach realized as a system that allows entering a user’s card data, receiving a confirmation code from a banking app, and completing a deal on the website.
Bank Transfers This approach is used in B2B e-commerce since corporate clients often prefer to make bank transfers and be sure in clarity of reports.
EWallets E-wallets are also convenient options that allow users to pay without revealing their banking details.
Mobile payments Mobile payments are on the rise of popularity. ApplePay and GooglePay are the most used systems.
PayPal and other gateways PayPal is the most popular payment system worldwide, however, there are others, less popular but no less usefull solutions your customers may also prefer.
Cryptocurrencies Since a lot of countries are making efforts to legalize cryptos, they are one more way to pay for the goods or services purchased online.
Cash on Delivery Cash on delivery is still required by some customers, especially if there is no trust between a newly created company, or the company addressed for the first time, and the client.

What to Look for While Choosing the E-Payment System?

As you can see, the e-payment market has a lot of offers for your e-commerce store. Here are the main factors you should take into account making the final choice.

  • Preferences of your customers. There are a lot of alternatives to choose from, however, your best electronic payment system is the one that suits your customer most. If you know that your customers are corporate clients, it is better to give them the opportunity to make bank transfers. If they are young shoppers, they most probably prefer e-wallets, PayPal, and mobile payments.
  • This is one of the most important factors since the security of the payment on your websites is one of the things that contribute to your reputation. that is why it is better to choose such a payment system that has strong protection, support service as well as embedded e-commerce fraud detection features.
  • UX impact. The best electronic payment system is one more way to provide users with a great experience when completing a transaction with you. That is why the payment system should be fast-processing, reliable, and convenient.
  • Performance metrics. Find out whether it would be profitable for you to use this or that system from the point of view of commissions, fees, and reporting.

Surely, it should be more than one option for payments for an e-commerce website. That is why you should compare and analyze the most popular alternatives and integrate your  with the most reliable and demanded by your users’ ones.

What Is the Best Online Payment System?

Here is the infographic that shows the most popular online payment systems in the USA. but since the greatest number of online shoppers is USA based, it may seem that these are the most popular systems in the world too. However, keep in mind one important note. If you are going to create a multilingual e-commerce store and reach the target audience from different countries, some e-payment systems may not be supported there or may be poorly known among customers from a specific country.

Top 5 payment

How Do I Add a Payment System to My Website?

There are several ways to add a payment system to your website.

  • If you are just going to create an eCommerce store and want to do it with the help of WordPress, you may choose the themes with payment system integration in advance.
  • If you have a ready-made website designed by you, you may contact the support service of the payment gateway provider, and set up the system following their instructions.
  • If your e-commerce project was created by a development company, ask them to make some changes and add more payment systems to your platform.

Conclusion

As you can see, the meaning of e-commerce as such is lost if there is no possibility to pay for the goods or services online. That is why payment system integration is an important stage of eCommerce store development. The choice of the most suitable solutions should be based on the careful market and your target audience analysis. What is more, the most popular payment systems are not always the most suitable ones  – sometimes there is a need to come up with a system from scratch to satisfy the business needs. Make sure to get in touch with a reliable vendor and ask for help.

The post eCommerce Payment System – How to Choose the Best One for Your eCommerce Startup? appeared first on Hacker Combat.

Global Payment Stats Every Business Should Be Aware of

It is important for businesses to be aware of what is happening in the industry as they impact companies on a micro level. You cannot reach a wider market without knowing what is happening around you.

The best way to be aware is to pay attention to the facts and figures. In this article, we will highlight some payment stats to help you understand the market landscape.

We have concentrated on global stats to explain the global landscape. Since ecommerce is ‘beyond borders’, it is important for businesses to know what the international audience wants so they can continue to serve them well.

#1 Cash Is On the Decline

Many countries around the world have gone cashless.

Only 77 percent of all transactions involve cash today. The figure was 89 percent about five years ago and is expected to fall even more due to the current situation that has forced buyers to use alternative methods including no contact payment solutions.

According to this report, e-wallets will have a 28 percent market share by 2022. However, cash isn’t going away anytime soon. In fact, the value of the euro in circulation has increased in the last few years.

Some countries are taking steps to remove cash, while some are still heavily dependent on paper money.

Cash is the second most widely used form of payment in the US after debit cards. Considering New York, San Francisco, and Philadelphia recently passed laws banning merchants from not accepting cash payments, it’s safe to say that cash will continue to prevail in the US.

Still, businesses need to be proactive as users prefer merchants who offer a variety of payment options including digital coins.

#2 Electronic Payments Are Rising

The global use of debit and credit cards (combined) grew from 5 percent to 9 percent between 2012 and 2017.

In recent times, debit cards have declined in popularity but the demand for credit cards has only increased due to new entrants like Apple Pay entering the market.

Apple Pay was originally marketed as an e-payment solution but the company’s decision to issue physical cards changed the game.

Consumers have a lot of faith in credit cards as they are easy to use and come with some other benefits including rewards. However, their dominance is being challenged now thanks to electronic payment options.

The global digital payments market is growing at a rate of 12.8 percent and is expected to continue to grow at this rate for the next three years.

About 50 percent of all transactions in North America are conducted electronically making it a global leader. Europe isn’t far behind either. The use of electronic payments is very common in most European countries.

About 47 percent of all European card transactions involve NFC technology. Asian countries including China, India, and Pakistan are also making use of electronic payments.

The Chinese electronic payments market is among the fastest – it increased 10x between 2012 and 2017. The introduction of Alipay and WeChat payment options can be given credit for the huge growth in the Chinese market.

The scenario is similar in African countries as well, especially Nigeria, which is ahead in the technological race.

These figures show the importance of electronic payments. It can be hard for businesses to sustain if they do not offer e-payments. Look for a payment partner that offers third-party integrations so that you do not have to use multiple providers.

 #3 Mobile Payments For the Future

Before moving ahead, let’s be clear that there’s a difference between mobile payments and electronic payments.

Mobile payments involve the use of mobile apps, whereas electronic payments can be made via credit and debit cards without using digital wallets or apps.

The use of mobile devices is on the rise and mobile commerce accounts for about 48 percent of digital sales.

Since many people carry smartphones, they find it easier to use mobile devices to make payments.

The use of mobile devices for making payments at the point of sale is expected to increase to 28 percent by 2022.

This option is more popular among the newer generations (Gen-Z and millennials). About 28 percent of millennials have used a digital wallet at the point of sale, about 8 percent higher than the general population.

Younger people use digital wallets about five times a month, according to Billtrust. Due to an aging population, the gap is expected to increase in the future as the newer generation is used to mobile devices.

The scenario, however, is not the same all around the world as mobile payments are still not very popular in developing countries.

Only 37 percent of global merchants support mobile payments at the point of sale. On the positive side, about 31.4 percent intend to introduce this feature soon.

Businesses must provide consumers the facilities they need to prevent them from going to competitors.

Conclusion

These stats highlight the diversity in the global payments landscape. Retailers must take steps to know what their customers need so they can bring changes to the payment ecosystem.

A lack of payment options is one of the major reasons why the average cart abandonment rate is as high as 69.56 percent.

Remember that today’s customers are spoiled for choice. They will not think twice before moving to another seller if you do not have the payment option that they prefer.

Look for a payment partner who understands your requirements and can offer the services that you need.

Bio:

Lou Honick is the CEO of Host Merchant Services. Prior to founding Host Merchant Services in 2010, Lou was the founder of HostMySite.com and received numerous awards including SBA Young Entrepreneur of the Year, Inc Magazine 30 under 30, and multiple listings on the Inc 500. As a serial entrepreneur, all of his companies have operated on a singular devotion to outstanding customer service and support. Lou is a respected expert on the topics of customer service, payments and fintech, Internet technology, and entrepreneurship.

The post Global Payment Stats Every Business Should Be Aware of appeared first on Hacker Combat.

How To Set Your Phone for Better Privacy and Security?

The default factory settings on your phone are a double-edged sword. On one hand, they’re the best way to see what the creator recommends for you, and it makes it easy to get started. But sometimes, these features can have problems.

They can be reducing your battery life, or share things you don’t want them to. So no matter what phone you use, you should change a few options around if you want to have the most security. And this guide will help you to find those.

These settings alone will not protect you from persistent hackers or from complex phishing scams but they will be a great place to start you basic security review. Unfortunately cyber crime statistics are showing increasing threats year on year targeting individuals and business users.

Commercial spy apps are also on the rise and they make it very easy for unskilled hackers to target people if they can access your cell phone. Fortunately these spy apps do leave traces and you can find out if you have been hacked – if you know what to look for.

So let’s look at a few settings you should check when you first start that new phone.

For Any Device

We’ll get to the specifics in a minute, but first we should look at things that all devices have that you should turn on.

Lock Your Screen

Screen locking is the best way to protect your phone from nosy peers or people who may be able to access it if you lose your device. It may be a bit annoying to type those digits every time you use your phone, but if someone tries accessing, you’ll be glad you secured it.

While different devices have different locks, this guide will cover the PIN, which is the most secure and easy to recall.

Locking an Android

Go to Settings, Security, and then Screen Lock. This will allow you to choose your own PIN.

Locking an iOS

Just go to Settings and then Passcode.

Lock a Windows Phone

If you have a Windows phone, go to Settings and then Lock Screen. This will allow you to choose a password option.

Stopping Ad Tracking

We all know how intrusive online ads can be. They track and target you, especially via social media. While it’s par for the course in the world of the Internet, there are ways to make sure that less info is gathered to use against you.

Stop Ads With Windows Phone

Go to Settings and click on Advertising ID. After that, all you need to do is turn it off. Meanwhile, on iOS, you can go to Settings, Privacy, and then Advertising to reduce the amount of tracking you have. Just make sure to enable Limited Tracking afterwards.

For your Android, you need an app called Google Settings. This app can also be used to turn off services that may drain your battery, but it can be used to turn off your ad preference. Go to Ads and then Opt Out of Interest Based Ads. This will shut off a lot of data that Google collects about you.

Turning On Find Your Phone

Back in the day, if you lost your phone, you were out of luck, or you had to download a separate app. However, this is all changed. The smartphones today have their own methods to find your phone if you lost it. However, you have to turn them on, or you may have few options in finding your phone.

For iOS

Go to Settings, iCloud, and then Find My iPad/iPod/iPhone. And that’s that. To see where your device is, just install the Find My iPhone app on another device, or go to the web version that’s viewable with any desktop.

For Windows Phone

Go to Settings and then Find My Phone. You can then turn it on, and use a website to look at your phone’s location, as well as a few other features.

For Android

Go to Google Settings and head to Android Device Manager. The top box will allow you to find your phone, and the bottom is something you should enable as a last effort if you can’t find your device. You can either download an app or use a site to see where your phone is.

Do Not Allow Browsers to Save Your Password

Many browsers allow you to remember a password, which allows you to conveniently log in without having to input a password. However, if you have this on, anyone who finds your phone can use this to their advantage and see what site’s you’re visiting. So when it asks to remember your password, it would be wise to say no.

If you have already saved passwords, don’t worry. You can turn them off.

Turning Off iOS Passwords

Simply go to Settings, Safari, and then click on Passwords & AutoFill. Look at your saved passwords and remove them if you can, as well as other things that may intrude on your privacy.

Turning Off Windows Phone Passwords

Go to Settings, Applications, and then Internet Explorer. Afterwards, go to Advanced Settings. Select Don’t Remember under Website Passwords. Go to IE’s settings and choose Delete History if you have passwords that are already saved.

Turning Off Android Passwords

Open up Chrome and select the menu bar on the top right, which should have three dots. Click on Settings and then Save Passwords. You can turn off passwords it’s saved, as well as turning off the feature altogether.

So what if you want the convenience of stored passwords without having to risk security? Try checking out the app LastPass, which you can get for twelve bucks a year. This encrypts your passwords behind a master one instead of all being stored on your phone.

Always Back Up

Backing up your phone is a great idea, and each phone has their own little way of doing a backup. However, they will not back up everything on your phone, so it’s just one piece of the puzzle when it comes to backing up properly.

Backing Up Android

Go to Settings and Backup &Reset. Go through the boxes and check them, and when you turn on your new phone, you’ll have all your app data and Wi-Fi passwords.

Backing Up iOS

Go to Settings and then iCloud. You can select what data it backs up. It’s a good idea to choose as much as possible unless you are out of space. Regardless, make sure the option is enabled.

Backing Up Windows

Go to Settings and Backup, and then make sure that you select it. You can click on it for more options as to what you can backup as well.

Individual Privacy Settings

iOS

Many apps you download will ask you for permissions, such as accessing your photos. Sometimes, you need this on if you want the app to work properly, but many apps, such as Facebook Messenger, you might need to be wary of. So go to Settings and then Privacy to view what apps you granted permission to. If it needs to have permission to work, turn it on. If not, maybe you’re best to turn it off.

If you want to adjust your location sharing, go to Settings, Privacy, Location Services, and then scroll down to System Services. You turn off location-based ads and sharing if you don’t feel like it’s necessary. However, your location for such things as changing time zones and finding your devices is ideal.

Android

Android is more prone to viruses, so you need to make sure to be educated and try to take preventative measures if you want your phone to be safe. You should first disallow your phone to install apps that aren’t from Google Play. While there are good apps from other sources, you should keep it off until you’re ready to install those apps.

Go to Settings, Security, and Unknown Sources. Uncheck the box and then make sure that Verify Apps is enabled. This will look at apps that are installed and see if there are any legitimate concerns.

In the Security menu is also the Device Administration. These contain apps that require a great amount of permission to use. Look and see if any of those apps you use or if they’re enabled. Research to see if the app is good.

If you don’t know too much about permissions, you should. They work differently than iOS, so be sure to look up on them.

Windows Phone

Windows Phone surprisingly doesn’t have many settings that need to be tweaked, but you should look at the Kid’s Corner. The Kid’s Corner will allow you to put apps on your kids to use and nothing else. To do this, go to Settings and then Kid’s Corner. Enable a PIN so that your kids will not be able to see everything on your phone.

And with that, your device should be secured and good to go. While it’s no fun tweaking all these settings, it will pay off. While default settings can be good, sometimes the manufacturer will consider convenience over your own personal privacy. So feel free to tweak the settings to your preferred privacy level.

The post How To Set Your Phone for Better Privacy and Security? appeared first on Hacker Combat.