Randy Paszek, Author at Security Boulevard
Summer of Magecart

Summer of Magecart

| | Blog, Resources
As Summer ‘21 comes to an end, let’s take a look at some victims of these Magecart or Magecart-style attacks and learn how to prepare for the holiday shopping season that is rapidly approaching. According to research group Gemini Advisory, at least 10 client-side attacks took place in just June, ... Read More

How Credit Unions Can Stop Advanced Magecart Attacks. Period.

| | Blog, Resources
The ups and downs of the last year and a half have wreaked havoc on societal norms. It’s changed how we work out, socialize with our friends and family, celebrate life’s events, and conduct business. The tension between safety vs. normalcy is one we all navigate every day.  As a ... Read More
Ally Bank Leaked Unencrypted Passwords to 3rd Parties.. Evades Questions

When You Need An Ally, Choose Source Defense

| | Blog, Resources
What could happen if I don’t cover my hands properly when I type in my debit card PIN code? Under normal circumstances, not much. The odds of someone knowing your PIN and your bank card details from peeking over your shoulder are low. However, strategies are used every day to ... Read More

Working Well Together – Bots and Magecart

| | Blog, Resources
The security world is always looking for ways for innovative solutions to solve existing problems. Using artificial intelligence, machine learning, or prevention-first strategies are great ways to improve on solutions  that have existed for decades. Once just trendy jargon, artificial intelligence and machine learning enable  automation beyond what was previously ... Read More

Human Resources, Part 2

| | Blog
In part 1 of our human resources blog, we looked at how using the right solution, one with a prevention focus can save a business and its employees time and money. In part 2, we will look more in depth at how analysis-free solutions impact day-to-day lives of security personnel ... Read More
Risky Business: Open Season on Traveler Data

Risky Business: Open Season on Traveler Data

| | Blog
After a year of lockdowns, quarantines, and social distancing companies and consumers alike have embraced online business like never before. According to Digital Commerce 360, US eCommerce saw a 44% growth in 2020 (US Ecommerce Report) and a current Longwoods International report shows that 87% of American travelers have travel ... Read More

Human Resources, Part 1

| | Blog
Resources. Some are infinite, most are finite, and all need to be used efficiently. We are told almost daily how to live a green lifestyle and specifically the need to use our resources more efficiently to better the planet, ourselves, and our neighbors. We are told to recycle, carpool, buy ... Read More
Credential Harvesting Yields No Results with Source Defense

Credential Harvesting Yields No Results with Source Defense

| | Blog
The latest news that First Horizon Bank was the victim of a credential stuffing attack proves just how valuable credential harvesting can be. Over $1 million was stolen from just under 200 accounts at the Memphis, TN based financial services company.  Credential harvesting starts with a compromised source of JavaScript ... Read More
Discover - That's My Turtle

Don’t Skim This: A Brief Introduction to Website Skimming

| | Blog
What is “Skimming”? The term “skimming”, in relation to finances, started with reporting lower invoice totals than what was actually collected. This allowed a white-collar criminal to “skim” money “off the top” of that invoice by taking the difference between what was collected and what was invoiced. In the paper ... Read More

Fixing the Leak: How to prevent JavaScript Eavesdropping

| | Blog
We’re not in the information age anymore. We’re in the information management age. – Chris Hardwick How true that statement is. No longer are we in awe about the vast amount of information available at our fingertips or in our pockets. The Internet, smartphones, and a generation raised with both ... Read More

Techstrong Group