A new MageCart attack made the headlines, this time hackers planted a software skimmer in the Procter & Gamble’s site First Aid Beauty website. According to Willem de Groot, a researcher at Sanguine Security, threat actors planted a MageCart software skimmer on Procter & Gamble’s site First Aid Beauty on May 5, and the malicious […]
A new ransomware attack made the headlines, this time the victim is the City of Johannesburg municipality. A ransomware attack infected systems at the City of Johannesburg municipality shutting down the website, the e-services platform, and the billing system (SAP ISU and CRM). “The City of Johannesburg reported a breach of its network on Thursday night […]
Experts have uncovered an ongoing phishing campaign targeting the United Nations and NGOs, including UNICEF and UN World Food. Security firm Lookout uncovered an ongoing spear-phishing campaign aimed at NGOs, including human rights organizations such as the Red Cross, UNICEF, the UN World Food and the UN Development programs. The analysis of the server infrastructure […]
Google has patched three serious flaws in Chrome that can be exploited to escape the sandbox of the popular web browser. Google has addressed three serious vulnerabilities affecting its Chrome browser that can be exploited to escape the built-in sandbox. The tech giant released Chrome 77 update in September that addressed two use-after-free vulnerabilities that […]
Experts at Fortinet analyzed NukeSped malware samples that share multiple similarities with malware associated with North Korea-linked APTs. Fortinet has analyzed the NukeSped RAT that is believed to be a malware in the arsenal of the Lazarus North-Korea linked APT group. The attribution to the Lazarus group is based on the similarities with other malware […]
The US FBI issued a warning for the US private sector about e-skimming attacks carried out by the Magecart cybercrime groups. The Federal Bureau of Investigation (FBI) has released an alert on e-skimming attacks. E-skimming took place when hackers compromise an e-commerce site and plant a malicious code designed to siphon payment card data or personally […]
A Texas man found guilty of hacking the Los Angeles Superior Court (LASC) computer system and used it to send out phishing emails. A Texas man, Oriyomi Sadiq Aloba (33), was found guilty of hacking the Los Angeles Superior Court (LASC) computer system and abusing it to send out roughly 2 million phishing messages. The […]
The Japanese hotel chain HIS Group admitted that its in-room robots were vulnerable and could allow hackers to remotely view video footage from the devices. The personnel at the Henn na Hotel managed by the Japanese hotel chain HIS Group is composed of robots that provide hospitality services to the guests. The HIS Group hotel […]
Boffins disclosed a web attack technique (CPDoS attack) that can poison content delivery networks (CDNs) into caching and then serving error pages. Two researchers from the Technical University of Cologne (TH Koln) have devised a new web attack that can be used by threat actors to poison content delivery networks (CDNs) into caching and then […]
Security experts linked the Magecart group 5 to the infamous Dridex banking Trojan and the Carbanak cybercrime group. Researchers at Malwarebytes found a link between a scheme associated with the Magecart group and Dridex phishing campaigns and the activities of the Carbanak group. The Magecart group tracked as Magecart Group 5, one of the most […]