FIN6 Switches Up PoS Tactics to Target E-Commerce
The group is using the More_eggs JScript backdoor to anchor its attack. Continue reading FIN6 Switches Up PoS Tactics to Target E-Commerce
An open letter from the OpenID Foundation says that Apple introduced potential risks when it diverged from the OpenID Connect protocol. Continue reading Privacy and security risks as Sign In with Apple tweaks Open ID protocol
In May 2018, we discovered a campaign targeting dozens of mobile Android devices belonging to Israeli citizens. We decided to call the operation “ViceLeaker”, because of strings and variables in its code. Continue reading ViceLeaker Operation: mobile espionage targeting Middle East
For the past year, hackers—some of them associated with the MageCart online skimming group—have broken into high-profile online stores by exploiting a previously unknown vulnerability in a web-based database management tool. The vulnerability is locat… Continue reading Government, E-commerce Sites Hacked Through Database Tool
Researchers think an organized crime gang is running the massive campaigns, prepping for large-scale follow-on attacks on Android users. Continue reading ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse
Despite fewer plugins being added to WordPress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018. Continue reading ThreatList: WordPress Vulnerabilities Tripled in 2018
The spam campaign mostly targets victims in Turkey and Germany. Continue reading Adwind RAT Scurries By AV Software With New DDE Variant
The same attackers believed to be responsible for the recent breach of British Airways customer payment data have injected card skimming code into the site of U.S. online retailer Newegg.com. The code was identified by researchers from security firms … Continue reading Online Retailer Newegg Hit by Magecart Card Skimming Gang
Security researchers believe the recent data breach announced by British Airways was the result of malicious code being injected into the company’s website to steal information from payment forms. According to researchers from threat management … Continue reading British Airways Site Infected with Card Skimming Code
Since March 2018 we have discovered several infections where a previously unknown Trojan was injected into the lsass.exe system process memory. This campaign was active immediately prior to a Central Asian high-level meeting, and we suppose that the actor behind it still follows a regional political agenda. Continue reading LuckyMouse signs malicious NDISProxy driver with certificate of Chinese IT company