New Magecart Attacks On Ad Supply Chain

A new Magecart attack aimed at French advertising agency Adverline, has been discovered by RiskIQ. This new Magecart attack steals customer credit card details by compromising a content delivery network for ads so that any website loading the script from the ad agency’s ad tag would also be loading the digital skimmer at the same […]

Collection #1 Breach Comments

A security researcher discovered more than 772 million unique email address and over 21 million unique passwords were posted to a hacking forum. The data dump showcases the importance of having strong, unique passwords for every account. Expert Comments Below: Sandor Palfy, CTO at LastPass: “This Collection #1 data dump is yet another example indicating […]

Major Vulnerabilities Discovered Across Top Web Hosting Sites

Javvad Malik

Security researchers testing web hosting security have found at least one client-side vulnerability in all the platforms that were tested, with some allowing account takeover when the victim clicks a link or visits a malicious website. Websites hosted on Bluehost, Dreamhost, HostGator, OVH, or iPage were tested. Expert Comments below. Javvad Malik, Security Advocate at AlienVault: […]

Latest Bitcoin Scam Takes Victims To Fake BBC News Page

A new Bitcoin scam has surfaced and appears to be delivered mostly via email by exploiting weaknesses in Hotmail or Live mail accounts. Victims receive a legitimate-looking email that will usually mimic an email they are expecting to receive, making the scam seem even more real. A link in the email redirects the victim either to […]

Hackers Tricking Employees To Handover Payroll Data In Latest BEC Scam

Hackers have been found to be impersonating HR staff to gain employee credentials to access employee payroll accounts and banking details.  Expert Comments below: Felix Rosbach, Product Manager at comforte AG: “Here we have yet another example of how easy it is to steal someone’s identity – given there are no countermeasures in place. The reason for this is […]

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well as enabling them to purchase virtual in-game currency using the victim’s payment card details. The vulnerability […]

Largest Collection Of Breached Data Discovered

macnair-

Today it has been reported that the largest collection of breached data has been discovered in a popular hacking forum. The 87Gb of data discovered by security researcher Troy Hunt contains 770m email addresses and passwords. Experts Comments below: Ed Macnair, CEO at CensorNet: “Following data breaches, its common to find stolen details up for sale […]

Emotet Returns From The Holidays With New Tricks

Following a short period of low activity during the holiday, Emotet operators are back at distributing through malicious email campaigns a new strain of their payload that carries new tricks. The message spurts target users speaking different languages, luring them into opening an attached document laced with code that pulls in and installs the malware. […]

DNS Hijacking Campaign Targeting Infrastructure And Telecomms Discovered

FireEye’s Mandiant Incident Response and Intelligence teams have identified a wave of DNS hijacking that has affected dozens of domains belonging to the government, telecommunications, and internet infrastructure entities across the Middle East and North Africa, Europe and North America. While they do not currently link this activity to any tracked group, initial research suggests […]