- Forever 21 Confirms Security Breach Exposed Customer Credit Card Details
Popular clothing retailer Forever 21 had a data breach in November 2017, now the company confirmed that hackers stole credit card information from its stores throughout the country for several months during 2017. Although the company did not yet specify the total number of its customers affected by the breach, it did confirm that malware was installed on some point of sale (POS) systems in stores across the U.S. at varying times between April 3, 2017, and November 18, 2017. According to the ongoing investigation by the company, the malware was designed to search for and likely steal sensitive customer credit card data, including credit card numbers, expiration dates, verification codes and, in some cases, cardholder names. The company said that the payment processing systems outside of the United States work differently, it should not be impacted by the security breach, but the retailer said it’s still investigating whether non-US stores were affected or not.
Cyber Security Tips: Customers are strongly recommended that keep an eye on their credit transactions for any suspicious activity, and immediately notify their banks that issued the card if found any and reset their banking password.
- Critical “Same Origin Policy” Bypass Flaw Found in Samsung Android Browser
A critical vulnerability has been discovered in the browser app comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site. The bug resides in the popular Samsung Internet Browser version 5.4.02.3 and earlier. The SOP bypass vulnerability in the Samsung Internet Browser, discovered by Dhiraj Mishra, could allow a malicious website to steal data, such as passwords or cookies, from the sites opened by the victim in different tabs. Attackers can even snag a copy of your session cookie or hijack your session and read and write webmail on your behalf.
Cyber Security Tips: Users are strongly recommended that update your internet browser with the latest version and reset your password for all accounts.