Collaborate Disseminate
FIN6 fingerprints were spotted in recent cyberattacks that initially infected victims with the TrickBot trojan, and then eventually downloaded the Anchor backdoor malware. Continue reading FIN6 and TrickBot Combine Forces in ‘Anchor’ Attacks
The group is using the More_eggs JScript backdoor to anchor its attack. Continue reading FIN6 Switches Up PoS Tactics to Target E-Commerce
A well-known criminal hacking group tried to breach the computer network of a U.S. hotel using a variant of malware the group had last deployed in 2017, according to research from endpoint security firm Morphisec. FIN8, as the financially-driven group is known, made several upgrades to its ShellTea malware, aiming it at the network of the hotel between March and May, according to Morphisec. Researchers believe it was an attempted attack on a point-of-sale POS) system, or one that processes payment card data. The intrustion attempt was blocked. In a blog post published Monday, Morphisec warned of the vulnerability of POS networks to groups like FIN8. “Many POS networks are running on the POS version of Window 7, making them more susceptible to vulnerabilities,” wrote Morphisec CTO Michael Gorelik. “The techniques implemented can easily evade standard POS defenses.” The research did not identify the hotel by name or specificy its location, […]
The post FIN8 tries to breach U.S. hotel with new malware variant, researchers say appeared first on CyberScoop.
Continue reading FIN8 tries to breach U.S. hotel with new malware variant, researchers say
Adobe Systems released an emergency update for the ColdFusion application server to fix a critical remote code execution that’s already being exploited by attackers. The vulnerability, tracked as CVE-2019-7816, is located in the upload functiona… Continue reading Adobe Patches Actively Exploited ColdFusion Zero-Day Flaw