All news with #pci tag

Thu, November 13, 2025

Russian Phishing Campaign Creates 4,300 Fake Travel Sites

💳 A Russian-speaking threat actor has registered more than 4,300 domains since early 2025 to host convincing fake travel and hotel booking pages that harvest payment card data. According to Netcraft researcher Andrew Brandt, the campaign—active since February—uses a customizable phishing kit that serves branded pages for platforms like Booking, Expedia, and Airbnb and supports 43 languages. The kit requires a unique AD_CODE in the URL to render targeted branding (otherwise visitors see a blank page), employs a fake Cloudflare-style CAPTCHA, and persists state in a cookie so subsequent pages maintain consistent impersonation. Victims are prompted to pay a deposit; the entered card number, expiry date and CVV are processed in the background while a bogus support chat guides users through a sham 3D Secure step to complete the theft.

Thu, October 30, 2025

Global Payments: Resilient Scale Architecture with Cloud SQL

☁️ Global Payments partnered with Google Cloud to design a multi-region, highly available database architecture using Cloud SQL Enterprise Plus. The deployment spans three regions with zonal replication, read replicas, cascading replication, and Cloud SQL Auth Proxy integration to support low-latency reads and rapid failover. This configuration yields near-zero planned downtime, sub-minute RTO and zero RPO for Tier 1 workloads, while meeting PCI DSS, GDPR, and NIST requirements.

Mon, October 27, 2025

AWS Payment Cryptography Now Available in Three Regions

🔐 AWS Payment Cryptography is now available in Canada (Montreal), Africa (Cape Town) and Europe (London). The fully managed service centralizes payment-specific cryptographic operations and key management for cloud-hosted payment applications and scales elastically to meet changing workloads. It is assessed as compliant with PCI PIN and PCI P2PE, reducing the need for dedicated payment HSMs. Customers can position cryptographic operations closer to latency-sensitive applications and pursue multi-Region high availability.

Wed, October 22, 2025

Prison kiosk hack and new PCI DSS limits on Magecart

🔐 In episode 440 Graham Cluley and guest Scott Helme examine an unusual insider exploitation where Romanian prison self-service web kiosks let inmates access and alter records. They also explore the growing threat of third-party JavaScript on checkout pages and how the updated PCI DSS aims to curb Magecart-style skimmers. Plus, the hosts cover automation with Keyboard Maestro and video creation using Screen Studio.

Tue, September 9, 2025

Fortinet Adds AI Assistant and Client-Side WAAP Protection

🤖 Fortinet has integrated its virtual AI assistant, FortiAI-Assist, into its web application security offerings, including appliance and virtual FortiWeb and the FortiAppSec Cloud WAAP service. The update also adds integrated client-side protection to monitor payment-page scripts for PCI DSS 4.0 compliance. These features aim to simplify operations, speed threat triage and remediation, and reduce false positives and analyst workload. FortiAppSec Cloud is available through major public cloud marketplaces.

Fri, August 15, 2025

Mobile Phishers Target Brokerage Accounts in Ramp-and-Dump

📈 Cybercriminals selling advanced mobile phishing kits have shifted from converting stolen cards into mobile wallets to hijacking brokerage accounts for a coordinated ramp-and-dump scheme that inflates and then collapses foreign and penny stock prices. Vendors such as Outsider (aka Chenlun) offer templates that spoof brokers via iMessage and RCS to harvest logins and SMS one-time codes. Operators use banks of phones and human handlers to preposition, trade, and liquidate positions, leaving victims with worthless shares while brokers and regulators contend with the fallout.

Thu, August 14, 2025

Spring 2025 PCI 3DS Compliance Package Available Now

🔒 AWS has renewed its PCI 3DS certification for Spring 2025 and expanded its scope to include three additional services—Amazon Verified Permissions, AWS B2B Data Interchange, and AWS Resource Explorer—and three Regions: Asia Pacific (Thailand), Asia Pacific (Malaysia), and Mexico (Central). The compliance package includes an Attestation of Compliance (AOC) and an AWS Responsibility Summary that clarifies shared responsibilities for handling payment card data. Coalfire served as the third-party Qualified Security Assessor (QSA) for the renewal. Customers can retrieve the detailed reports via the AWS Artifact self-service portal to support their audits.