08 Jul 2020

Keeper Threat Group Rakes in $7M from Hundreds of Compromised E-Commerce Sites

Researchers have warned that the Keeper threat group is deploying Magecart code to launch increasingly sophisticated attacks against eCommerce sites across the world. The group was formed three years ago and has since compromised more than 570 sites ranging in nature from liquor stores to Apple product resellers. Now, researchers

Read More
08 Jul 2020

First reported Russian BEC scam gang targets Fortune 500 firms

According to researchers at email prevention company Agari, a new group of threat actors believed to be from Russia has elevated Business Email Compromise scams to a new level. Whereas most BEC attacks are from Nigerian actors who target companies of any size, this new Russian group named Cosmic Lynx

Read More
08 Jul 2020

Fxmsp hacker indicted by feds for selling backdoor access to hundreds of companies

US prosecutors have indicted a prolific hacker allegedly behind a criminal enterprise that was selling backdoor access to hundreds of global organizations. The criminal operated under the name “fxmsp” and is a 37-year-old Kazakhstan citizen named Andrey Turchin. On Tuesday, the indictment was unsealed in the Western District of Washington.

Read More
07 Jul 2020

Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment

Last week, government agencies released a warning about a high-threat vulnerability in a line of BIG-IP products sold by the company F5. The agencies advised security professionals to implement a released patch to protect devices from the exploit, which could allow attackers to fully take control of the networking equipment,

Read More
07 Jul 2020

Purple Fox Exploit Kit Adds Two Microsoft Vulnerabilities

Security company Proofpoint has disclosed two new Microsoft exploits that have been coded into Purple Fox, which is an exploit kit that has evolved drastically over the past year. The new updates show that cybercriminals are investing in infection tools and putting time and energy into increasing their capabilities to

Read More
07 Jul 2020

Android Users Hit with ‘Undeletable’ Adware

According to researchers at Kaspersky, 14.8 percent of Android users who were targeted with mobile malware or adware last year were left with permanent and undeletable files. This is called a system partition infection, and the undeletable files can range from trojans that can install and run apps without the

Read More
07 Jul 2020

EDP energy giant confirms Ragnar Locker ransomware attack

EDP Renewables North America (EDPR NA) confirmed that they had suffered a ransomware attack affecting its parent corporation’s systems. EDPR NA currently boasts 11,500 employees and delivers energy to over 11 million people, making it the world’s 4th largest producer of wind energy. EDP NA’s parent corporation is the Portuguese

Read More
06 Jul 2020

V Shred Exposes Pics and PII on 100,000 Customers

V Shred, a US-based fitness company, suffered from a massive data breach due to a misconfigured Amazon database that left sensitive personal data and revealing photos of 100,000 customers open to the public. The S3 bucket contained over 1.3 million individual files, according to vpnMentor who discovered the leak on

Read More
06 Jul 2020

Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

According to researchers at Check Point security, remote code execution and information disclosure vulnerabilities in Apache Guacamole, an HTML5 web application, can pose a significant threat to users. Researchers found that the flaws can be leveraged by threat actors targeting enterprises. Apache Guacamole is used on a broad range of

Read More
06 Jul 2020

North Korean hackers linked to credit card stealing attacks on US stores

Research released earlier today connects North Korean nation-state hacking group Lazarus to a campaign that lasted over a year and targeted payment card information of customers of large US and European based retailers. The group allegedly used legitimate websites to exfiltrate stolen credit card data from the companies, known as

Read More