MyPillow, AmeriSleep websites were hit with hacks stealing credit card data March 20, 2019 MyPillow and Amerisleep, are popular pillow and mattress companies, boasting millions of dollars in sales on their websites. What was not on their websites was breach disclosures for skimmers that security researchers at RiskIQ discovered, going back to April 2017. Details
Most Android Antivirus Apps Are Garbage March 25, 2019 “Android apps like these are notorious for simply pushing more content on phones, but even more so they are simply used to gather data from the phone,” says Yonathan Klijnsma, head threat researcher at security intelligence firm RiskIQ. “This ranges from basic information like the model of the phones, towards live GPS polling, phone numbers, and any other personally identifiable information up for grabs.” Details
Cyber Security Today: Fake name scams, money for finding bugs and police hit by ransomware March 22, 2019 At the beginning of the week I told you about hackers compromising seven e-commerce web sites to skim off credit card information. Well, security vendor RiskIQ said Thursday it has discovered websites of two more online companies that have been hit: Bedding retailers MyPillow.com and Amerisleep. Details
Magecart payment card skimmer gang returns stronger than ever March 22, 2019 Researchers from security firm RiskIQ have recently analyzed two attacks attributed to Magecart that were discovered in the company’s historical dataset obtained from crawled websites. Both of those attacks highlight how these attackers are adapting to defenses change their tactics accordingly. Details
Magecart group breaks into MyPillow and Amerisleep websites, potentially stealing credit card information March 21, 2019 The Magecart group — known for its notorious credit card skimming attacks, makes headlines again. This time, it has found targeting websites of mattress companies MyPillow & Amerisleep. The security incident was uncovered and detailed by Yonathan Klijnsma of RiskIQ. With its continuously evolving tactics, the group has slowly been rising to dominate the cyberspace in 2019. Details
MyPillow and Amerisleep are the latest victims of Magecart gangs March 20, 2019 Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Details
New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep March 20, 2019 In a new report RiskIQ shared with The Hacker News before its publication, researchers revealed two new Magecart-related breaches that compromised online bedding retailers MyPillow and Amerisleep and stole payment information of their customers. Details
Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites March 20, 2019 The first attack detected by RiskIQ took place in October 2018 when attackers registered a domain mypiltow.com and then injected scripts from the domain into Mypillow.com as shown below. Details
Beware of rogue adware SimBad March 20, 2019 According to RiskIQ’s PassiveTotal, the domain expired seven months ago. As a result, a compromised, parked domain that was initially used legitimately could now be participating in malicious activities. Details
What is malvertising? And how to protect against it March 20, 2019 The beginning of 2019 brought an increasing number of drive-by malicious ads that don’t require a user’s click, says Phil Cowger, researcher at cybersecurity company RiskIQ. Details
