TechCrunch: Gearbest security lapse exposed millions of shopping orders. “Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. Security researcher Noam Rotem found an Elasticsearch server leaking millions of records each week, including customer data, orders and payment records. The server wasn’t protected with a password, allowing anyone to search the data.”
ecommerce
ZDNet: WordPress shopping sites under attack
ZDNet: WordPress shopping sites under attack. “WordPress-based shopping sites are under attack from a hacker group abusing a vulnerability in a shopping cart plugin to plant backdoors and take over vulnerable sites. Attacks are currently ongoing, according to Defiant, the company behind Wordfence, a firewall plugin for WordPress sites.”
Popular Mechanics: Left to Their Own Devices, Pricing Algorithms Resort to Collusion
Popular Mechanics: Left to Their Own Devices, Pricing Algorithms Resort to Collusion. “When you’re browsing online, who sets the prices? An algorithm, most likely. A study from 2015 showed that a third of all items on Amazon had prices set by an algorithm, and chances are that percentage has only risen. A new study shows how easy it would be for price-setting algorithms to learn to collude with each other and keep prices at a disadvantage for customers.”
ZDNet: Amazon Live launches with live-streamed shopping videos
ZDNet: Amazon Live launches with live-streamed shopping videos. “Amazon this week launched Amazon Live, a platform that lets merchants live-stream videos showing off their products. As first noted by TechCrunch, the new platform also features shopping videos hosted by Amazon talent.”
Nikkei Asian Review: India’s housewife-entrepreneurs turn a profit from social media
Nikkei Asian Review: India’s housewife-entrepreneurs turn a profit from social media. “Shravanti Chanda, a 31-year-old Hyderabad woman who quit her information technology job after she married, is one of many housewives across India earning money at the intersection of e-commerce and social networks. Shravanti discovered Indian social commerce site Meesho a few months ago and now makes $150 a month reselling goods for a markup that she decides.”
Bloomberg Quint: Google Foes Get Chance to Pick Holes in $2.7 Billion EU Appeal
Bloomberg Quint: Google Foes Get Chance to Pick Holes in $2.7 Billion EU Appeal. “Some of Google’s oldest foes have been given the chance to take a swipe at the U.S. giant’s appeal of a $2.7 billion European Union antitrust fine for choking competition for shopping-search services. The EU’s General Court said European consumer group BEUC, German magazine publishers and Foundem — the first company to complain to the EU about how Google treats shopping rivals — can all intervene in the case because they have a direct interest in the result. The decisions dated Dec. 17 were published online.”
CBR: New Formjacking Technique Used to Skim Payment Details Off Websites
CBR: New Formjacking Technique Used to Skim Payment Details Off Websites. “Researchers at cybersecurity company Symantec have identified a new formjacking campaign targeting a French ecommerce site that is prominently featured in global shopping aggregator listings. Over 30 online retail websites from all over the world were redirecting traffic to the compromised site. Formjacking is a term used to describe the injection of JavaScript code into the payment section of a website. This code then skims the payment details of unaware customers sending it onto to threat actors to abuse.”
