Security experts have uncovered a Magecart large-scale payment card skimming campaign that compromised 962 online stores based on Magento. Security experts at Sanguine Security have uncovered a new large-scale payment card skimming campaign that already hacked 962 online stores running on the Magento CMS. The list of hacked e-commerce also includes a number of websites belonging […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Bulgarian IT expert arrested after disclosing a flaw in kindergarten software Germany and the Netherlands agreded to build TEN, the first ever joint military internet Germany and the Netherlands […]
Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution. On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., the organization behind the Ubuntu Linux distribution. The company immediately launched an investigation, the good news is that the source code of the […]
Cyber criminals have exploited an unproperly implemented password reset process in 7-Eleven to make unwanted charges on 900 customers’ accounts. 7-Eleven Inc. is a Japanese-American international chain of convenience stores, news of the day is that hackers exploited a weakness in the password reset function to make unwanted charges on its customers’ accounts. Crooks targeted approximately 900 […]
Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. The SilentTrinity malware can take control over an infected computer, […]
Eurofins Scientific, the UK’s biggest provider of forensic services, has paid a ransom to demand to recover its data after a ransomware attack. Eurofins Scientific, the UK’s largest police forensics lab contractor, announced to have paid a ransom to crooks to recover its data after a ransomware had been encrypted them. The company is based […]
Experts at F5 Networks discovered a cryptomining campaign that is delivering a new piece of the Golang malware that targets Linux-based servers. F5 experts uncovered a cryptominer campaign that is delivering a new strain of Golang malware that targets Linux-based servers. The campaign began around June 10 and already infected several thousand machines. The malicious […]
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems. The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS (DoH). The DoH protocol was a new standard proposed in October 2018 and it is […]
Magento addressed flaws that could be exploited by unauthenticated attackers to hijack administrative sessions and completely take over online stores. Magento addressed security vulnerabilities that could be chained by an unauthenticated attacker to hijack administrative sessions and completely take over online stores. The attacker would first exploit a Stored Cross-Site Scripting (XSS) vulnerability to inject […]
Kaspersky experts discovered that Sodinokibi, aka Sodin, Ransomware currently also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows The Sodinokibi Ransomware (aka Sodin, REvil) appeared in the threat landscape in April when crooks were delivering it by exploiting a recently patched Oracle WebLogic Server vulnerability. Now the threat is evolving, the Sodinokibi ransomware includes fresh […]