BleepingComputer reported that attackers have targeted precision companies in Italy with phishing that is difficult to spot. The final payload is a fileless trojan that harvests credentials. The campaign used a legitimate-looking Microsoft Excel spreadsheet embedded with exploit code that moves silently to infect the computer. Unlike the run-of-the-mill methods of infection that involve a Microsoft Office document, the cybercriminals behind this campaign did not embed malicious macro code in the Excel file, which would call for user interaction. Instead, they opted for a stealthier variant: an exploit for a remote code execution security bug that would automatically run code on the…
ISBuzz Team
A new school year is underway, and cyberattacks against schools are increasing dramatically. This year has already seen almost as many incidents as the previous two years combined, according to Barracuda analysis of data compiled by the K-12 Cybersecurity Resource Center (K-12 CRC), which has been tracking reported attacks against U.S. schools since 2016. There have been 301 attacks against schools so far in 2019, compared to 124 in 2018 and 218 in 2017. This only accounts for the reported cases, however, and it’s highly likely that additional cases exist that went either unreported or even undetected, especially as stealthier malware that seeks to steal…
It has been reported that top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed. “On October 16, 2019, Web.com determined that a third-party gained unauthorised access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed,” Web.com said in a written statement. “No credit card data was compromised as a result of this incident.”
It has been reported that Microsoft Corp said it has tracked “significant” cyberattacks coming from a group it calls “Strontium” or “Fancy Bear”, targeting anti-doping authorities and global sporting organisations. At least 16 national and international sporting and anti-doping organisations across three continents were targeted in the attacks which began on Sept. 16, according to the company. The company said some of these attacks had been successful, but the majority had not. Microsoft has notified all customers targeted in these attacks.
In today’s world of constant and escalating threats, with breaches becoming a commonplace occurrence, PCs are a constant headache for security teams when it comes to securing IT infrastructure. Whether they are running Windows, MacOS or Linux, users inevitably change PCs to suit their needs, adding applications and storing local data as well as accessing unsafe web sites and receiving and clicking on phishing emails. The net result means that the security status of any given PC is always unique and unpredictable. A device may be compromised, or compromisable, at any level from the registry, through to the operating system…
It has recently come to light that scammers have hacked into WordPress and Blogger sites and composed blog posts with sextortion threats, warning users that they were recorded while accessing adult websites. Hackers are then demanding cash payments in Bitcoin as part of the scam. It is thought that attackers are accessing users’ sites through credentials from previously leaked data breaches. Full story can be found here: https://www.bleepingcomputer.com/news/security/blogger-and-wordpress-sites-hacked-to-show-sextortion-scams/
News broke yesterday evening that The American Cancer Society’s online store has become the latest victim of credit card stealing malware. A security researcher found the malware on the organisation’s store website, buried in obfuscated code designed to look like legitimate analytics code. The code was designed to scrape credit card payments from the page. The attackers, known as Magecart, sell the stolen credit card numbers on the dark web or use them to commit fraud.
It has been reported that some 2,000 websites in Georgia, including those of the president, courts, and media were hacked in a massive cyber-attack today. They displayed a photo of Georgia’s exiled former president Mikheil Saakashvili with an inscription “I’ll be back!” Interpress said the website for Georgia’s general jurisdiction courts as well as websites of a number of government agencies, NGOs and media outlets were also hit by cyber-attacks. The attack also affected servers of Georgia’s two major broadcasters, Maestro and Imedi TV, temporarily sending the television stations off the air.
French fashion online store Sixth June is offering shoppers more than the latest in men’s and women’s streetwear apparel, as the site was infected some time ago with code that steals payment card info at checkout. The infosec community typically refers to this type of script as MageCart because such scripts initially targeted sites using the Magento e-commerce platform. They are also called e-skimmers because they collect data from a card when it is used for online purchases. Similar to the physical skimmers copying card data when used at an ATM to withdraw cash, an e-skimmer reads and stores the info from…
Apple has confirmed that 17 applications have been removed from the App Store after they were found to be secretly committing fraud behind users’ backs to quietly collect advertising revenue from their smartphones.
