Magecart Attacks Website Collecting Australian Fire Donations

The attack may have compromised donors’ payment information. A website gathering donations for the victims of the wildfires in Australia has been hit by a credential-skimming attack, placing the payment information of donors at risk. The attack, identified as the work of Magecart, injected the ATMZOW skimmer into the charity’s website code, grabbed payment information, and forwarded it to a third-party destination with an obfuscated web address. Source: Dark Reading…

January 14, 2020
Read More >>

Inside the murky world of bots

A word that has become synonymous with suspicious, illegal or unscrupulous online activity, it is hard to avoid bots being mentioned in one capacity or another in 2020. Now accounting for 50% of online traffic, bots and the legality of bots remains a misunderstood subject. Defined in layman’s terms as an automated tool that mimics human behaviour in order to generate a large amount of traffic, bots can be used…

January 13, 2020
Read More >>

Credit Card Skimming Attack Targets Australia Bushfire Donors

Attackers have compromised a website collecting donations for the victims of the Australia bushfires and injected a malicious script that steals the payment information of the donors. This type of attack is called Magecart and involves hackers compromising a web site and injecting malicious JavaScript into eCommerce or checkout pages. These scripts will then steal any credit cards or payment information that is submitted and send it off to a remote site under the…

January 13, 2020
Read More >>

New York Airport Systems attacked by Sodinokibi Ransomware

Albany International Airport’s staff announced that the New York airport’s administrative servers were hit by Sodinokibi Ransomware following a cyberattack that took place over Christmas. Airport operations were not impacted by the ransomware attack and customers’ financial or personal information was not accessed by the attackers according to a statement from airport officials per WNYT-TV. No airline or TSA servers were affected in the incident, with airport officials saying that the…

January 13, 2020
Read More >>

‘Dustman’ disk wiper attacks Bahraini oil company

Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian Oil Company Saudi Aramco in 2012, which destroyed roughly 35,000 computer workstations. Source: SC Magazine Source: http://www.itsecurityguru.org

January 13, 2020
Read More >>

Ring Employees Caught Spying on Customers

Ring said that four employees were fired because for inappropriate access to customers’ connected video feeds. Smart doorbell company Ring said that it has fired four employees over the past four years for inappropriately accessing customer video footage. The disclosure comes in a recent letter to senators (in response to a November inquiry into the company’s data policies) from Amazon-owned Ring as it attempts to defend the privacy of its…

January 13, 2020
Read More >>

School in Texas Lost $2.3 Million in a Phishing Scam

Given that it’s the beginning of a new year, it’s important to remember to be careful what you click on. A school district in Texas learned this the hard way when it lost approximately $2.3 million due to a phishing email scam. The Manor Independent School District, which is located about 20 minutes away from the state capital, Austin, reported that it had been hit with a phishing scam on Friday. According…

January 13, 2020
Read More >>

US Government-Funded Phones found with Chinese Malware Preinstalled

Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless. Budget Android smartphones offered through a US government initiative for low-income Americans come with preinstalled, unremovable Chinese malware, researchers report. These low-cost smartphones are sold by Assurance Wireless, a federal Lifeline Assistance program under Virgin Mobile. Lifeline, supported by the federal Universal Service Fund, is a government program launched in 1985 to provide…

January 10, 2020
Read More >>

European Skin Care Sites attacked by Card-Stealing Scripts

Multiple European websites for the Perricone MD anti-aging skin-care brand have been compromised with scripts that steal customer payment card info when making a purchase. Two MageCart groups were competing for the credit card data on Perricone MD websites in the U.K., Italy, and Germany, but current evidence shows that only one exfiltrated the details successfully. Source: Bleeping Computer Source: http://www.itsecurityguru.org

January 10, 2020
Read More >>

Exploited zero-day flaw patched by Mozilla

The Mozilla Foundation yesterday issued a security update for Firefox and Firefox Extended Support Release, which were found to contain an actively exploited, critical vulnerability in the IonMonkey JIT compiler. “Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion,” reads an official advisory posted by Mozilla, citing the two elements as StoreElementHole and FallibleStoreElmenet. “We are aware of targeted attacks in the wild abusing…

January 10, 2020
Read More >>