Following the new about a piece of research from Sucuri, which revealed that hackers are hiding stolen payment card data inside website product images, Mark James, security specialist at ESET commented below.
Mark James, Security Specialist at ESET:
“Attacks that are capable of returning an immediate gain like credit cards or financial information are always on the rise. The ability to see the fruits of your labours encourage new and better ways to hack those sites that hold this valuable information.
Once stolen its fairly easy to identify credit card numbers in plain text files, they are fairly unique in their structure, and the bad guys are looking for ways to move this data without it being picked up by the average software scanning for those items. If you embed the information inside an image file you have a fairly standard container that is seen in so many aspects of our digital world. Nobody takes any notice of an image file especially if it actually displays the image with no problems, this enables attackers to send those details to almost anywhere unhindered.
Keeping your website safe against these types of hacks could be as simple as making sure your website is running the very latest version of its software. Keeping our systems up to date is very important in all aspects of our digital footprint, not just operating systems, but the applications that are running on them. With so many avenues available for attack it is imperative we monitor, maintain and update all the software we possibly can. If you are unable to update due to manufacturers restraints then you should consider using an alternative program that does include regular updates.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…