Security experts have spotted an interesting exfiltration technique adopted by crooks to exfiltrate card data from Magento platforms. Security experts from Sucuri and RiskIQ have spotted an interesting exfiltration technique adopted by crooks to exfiltrate payment data from compromised e-commerce websites powered by the Magento platform. Cybercriminals have been using image files to store and exfiltrate […]
Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a backdoor. According to the experts from the firm White Fir Design, crooks exploited a zero-day flaw in an e-commerce plugin for WordPress to upload backdoors to affected websites. The plugin is WP Marketplace, a […]
NRSC hack – A platform used by the National Republican Senatorial Committee for the donations was hacked and donors’ financial data have been exposed. Other rumors around the Presidential Election, once again, it’s a hacking story in the headlines, the NRSC hack. Donations sent to the National Republican Senatorial Committee (NRSC) between March 16 and October 5, 2016 on […]
Researchers at Fidelis Cybersecurity believe that someone behind the development of the Dyre banking Trojan is now behind the new Trickbot malware. This morning I published a post on the data provided by Group-IB on crime trends, the report published by the security firm reveals a continuous evolution of cybercriminal ecosystem. The story that I’m going to […]
The Group-IB firm has published a report titled “High Crime Trends 2016” that includes interesting data about principal cybercrime trends. Group-IB, one of the global leaders in preventing and investigating high-tech crimes and online frauds, has published an interesting report titled “High Crime Trends 2016” that provides an interesting analyzing of current criminal activities. The Key Trends evaluate are evaluated […]
Experts from Kaspersky have spotted a new threat in the wild written in Python, the CryPy ransomware that uses a unique key for each. Researcher newly founded âCryPy â Ransomware written in python has surprised Israeli server for command and control (C&C) communication. In past, we have other ransomware written in python like Zimbra, HolyCrypt, […]
Symantec observed a significant increase in the number of email-based attacks using malicious Windows Script File (WSF) attachments. Experts from Symantec are observing a significant increase in the number of email-based attacks leveraging malicious Windows Script File (WSF) attachments. Â Over the past three months, threat actors have adopted the tactic in the wild, mostly criminal […]
Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications products due to Mirai attacks. Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications product. The company is aware of a significant number of infections caused by the Mirai malware, a threat specifically designed […]
Experts discovered a new variant of the Android Acecard banking trojan that asks victims to take a selfie while they are holding an ID card. The inventiveness of the criminals is a never ending pit. Recently, a number of organizations announced a new authentication method based on the selfies. For example, HSBC customers can open […]
Exclusive: interview made by @unixfreaxjp of MalwareMustDie for Security Affairs about the Linux/NyaDrop. The latest details about this new dangerous IoT malware. After the Krebs DDoS attacks the enrollment of new IoT botnets is going to grow and new large âzombie armyâ made by of web-ip-cam, DVR/NVR, routers/modems are invading the cyberspace. The evidence of […]