Traditionally, payment credentials stolen from brick-and-mortar stores were able to command a higher price on the Dark Web than card-not-present data (also known as CNP). However, it seems like the market dynamics have recently shifted, as this information is now being used to target online retailers.

Consequently, the demand for these credentials is far outpacing supply, driving up the price. The economics can be explained by the recent US migration towards chip-based payment cards, which offer a superior level of fraud protection for in-store purchases.

Such news has broad implications for both consumers and companies operating in today’s digital ecosystem. Security has to be a constant priority, since payment trends will give way to new threats, and tomorrow’s vulnerabilities will not be the same as those existing today. In order to keep a continuous pulse on your employee and customer data, consider partnering up with an MSP that implements proactive Dark Web monitoring (like ours).

https://krebsonsecurity.com/2019/04/data-e-retail-hacks-more-lucrative-than-ever/

Read More

What Happened?

WinRAR, a Windows data compression tool that focuses on the RAR and ZIP data compression formats for all Windows users (win-rar.com), recently announced that it had patched a 19-year-old security vulnerability that allowed cyber attackers to install malicious files on users’ hard drives. The problem many users will face is that the software does not auto-update so they will need to go through the manual update process to ensure their computer is no longer exposed to the security vulnerability.

What Should I Do?

Databranch recommends users uninstall WinRAR from their systems. WinRAR is a program that used to be needed to create zip folders and unzip folders but now this function is built into the Windows Operating System.

How Do I Uninstall WinRAR?

1. Find the Control Panel in your Windows Explorer.
2. Click on Programs & Features
3. Select WinRAR and Press Uninstall Program

How Do I Find Out About Vulnerabilities Like This Sooner and Protect My Business From Being Affected By Cybercrime?

Databranch offers managed service plans to proactively monitor, detect, and remediate identified security vulnerabilities like this. We were able to remove this program from our managed client’s machines as soon as it became a known issue and our clients were able to continue working without interruption.

To learn more about becoming a Databranch Managed Services client, call 716-373-4467, email info@databranch.com, or fill out the form below to get started!

Source: https://www.theverge.com/2019/2/21/18234448/winrar-winace-19-year-old-vulnerability-patched-version-5-70-beta-1

Read More