It has been reported that two academics from the Technical University of Cologne (TH Köln) have disclosed a new type of web attack that can poison content delivery networks (CDNs) into caching and then serving error pages instead of legitimate websites. The new attack has been named CPDoS (Cache-Poisoned Denial-of-Service), has three variants, and has been deemed practical in the real world (unlike most other web cache attacks).
ISBuzz Team
NCSC published its annual review, finding among other things that it has thwarted more than one million cases of suspected payment card fraud.
NordVPN, the virtual private network provider, today confirmed it was hacked through an expired, exposed, and outdated internal private key. VPN providers are becoming increasingly popular for the security they provide and are frequently used by people in hostile environments. https://twitter.com/hexdefined/status/1185864801261477891
The Spelevo exploit kit was spotted by security researchers infecting victims with Maze Ransomware payloads via a new malicious campaign that exploits Flash Player. Maze Ransomware, a variant of Chacha Ransomware, was initially found by Malwarebytes security researcher Jérôme Segura in May. The researcher found that the ransomware was being distributed using the Fallout exploit kit via a fake site camouflaged as a legitimate cryptocurrency exchange app. Segura told BleepingComputer that the attackers created a fake Abra cryptocurrency site to buy ad network traffic, which was later used to redirect visitors to the exploit kit landing page under certain conditions.
Equifax staffers used the default user name and password – ‘admin’ – to secure a portal containing sensitive customer information, Computing reported. That’s according to a class-action lawsuit launched against the company in the US, claiming securities fraud by the company over the 2017 data breach that spilled information on around 148 million accounts of people in the US, Canada and the UK.
An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. It is said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. Autoclerk is a reservations management system used by resorts to manage web bookings, revenue, loyalty programs, guest profiles, and payment processing. vpnMentor was able to view records relating to the travel arrangements of government and military personnel — both past and future — who are connected to the US government, military, and Department of Homeland Security (DHS). Within the records, for example, were logs…
A group of Russian cyber attackers dubbed ‘Turla’ have hacked another Iran-based group of cyber actors, known as ‘OilRig’, to spy on multiple countries, according to advisories published today by the UK’s NCSC and the US’ NSA. According to reports, attacks were discovered against more than 35 countries, many of which were located in the Middle East, with at least 20 successfully compromised.
A phishing campaign using fake "invalid account" Stripe support alerts as lures has been spotted attempting to harvest customers’ bank account info and user credentials using booby-trapped Stripe customer login pages. Stripe is one of the top online payment processors, a company that provides the payment logistics internet businesses need to accept payments over the Internet from their e-commerce customers. This makes Stripe users the perfect target for threat actors looking to get their hands on their banking info, seeing that the company handles billions of dollars in payments every year. Full story here: https://www.bleepingcomputer.com/news/security/stripe-users-targeted-in-phishing-attack-that-steals-banking-info/
It has been reported that the Government announced that it has partnered with UK tech giant Arm as it pumps more than £50m into a new programme to improve the country’s cybersecurity. Chipmaker Arm, which was bought by Softbank in 2016, will receive £36m to develop new chip technology that is more resistant to cyber-attacks. A further £18m will be injected into a new scheme aimed at cracking down on online disinformation, fraud and misuse of personal data.
The Cofense Phishing Defense Center (PDC) published research Thursday on a phishing campaign that aims to harvest credentials from Stripe, the online payment facilitator handling billions of dollars annually, making it an attractive target for threat actors seeking to use compromised accounts to gain access to payment card information and defraud consumers.
