Client-Side News
Hi! Welcome to Jscrambler’s monthly newsletter, your go-to source for comprehensive coverage of client-side security news from the team that pioneered client-side protection and compliance.
1. Home Depot confirms third-party data breach exposed employee info
Home Depot confirms a data breach involving a SaaS vendor's error, exposing limited employee data. Around 10,000 employees' information was leaked on a hacking forum. Employees are advised to be cautious of emails requesting corporate credentials and to report suspicious activity. The threat actor, IntelBroker, has a history of significant breaches.
Read the full article at Bleeping Computer
2. Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker
In a concerning trend, attackers are exploiting website software to inject malware, including credit card skimmers. These skimmers are being concealed within seemingly innocuous elements like fake Facebook Pixel tracker scripts.
These attacks exploit the custom script editors found in platforms like Magento and WordPress plugins, allowing malicious JavaScript to be inserted undetected. This tactic highlights the importance of vigilant website security measures to protect against such threats.
Read the full article at Sucuri Blog
3. Roku hit with second major breach of 2024, this time affecting 576,000 users
Roku reports a second cyberattack since March, impacting 576,000 users. Attackers utilized credential stuffing, accessing streaming services, and partial credit card numbers of about 400 users for unauthorized purchases. However, sensitive data like full credit card numbers were not compromised. Roku reset passwords for affected accounts, refunded unauthorized purchases, and implemented two-factor authentication for all 80 million active accounts to enhance security against future breaches. Users are encouraged to check for potential compromises and bolster login security measures.
Read the full article at The Verge
Jscrambler's News
1. Just Released: PCI DSS Payment Page Analysis
Your free, customized Payment Page Analysis report to prepare for PCI DSS v4 payment page requirements 6.4.3 and 11.6.1.
What can you expect from your report?
Visibility on how many vendors are on the payment page and who they are
Understand which vendors or third-party scripts are accessing sensitive payment page data
Identify which vendors are extracting your customers' data to outside domains
Access to our expert client-side protection team
Try it now here
2. Hidden dangers? Tax software companies must take measures to protect against the leaking of customer data
While tax preparation software has become an indispensable tool for convenience and efficiency, this convenience has also come with inherent risks, particularly concerning safeguarding Personally Identifiable Information (PII).
Common tax preparation software risks:
1. Online Software Purchase Risks & Credit Card Skimming
2. PCI DSS Non-Compliance
3. Personal Information Data Leakage
4. Seasonal Account Creation Traffic Spikes
Read the full article on Jscrambler's Blog
3. Say Hello PCI DSS v4
In this week's blog post, we cover the essentials:
The requirements in PCI DSS v4
The business impact of v4
Jscrambler’s Solution to Help Achieve PCI DSS v4.0 Compliance
Read the full insights on Jscrambler's Blog
Don't miss Jscrambler's team at RSA Conference USA at booth #4404