A hacking group known as "Keeper" is responsible for security breaches at more than 570 online e-commerce portals over the last three years.
In a report published today by threat intelligence firm Gemini Advisory, the company says that Keeper has been operating since at least April 2017, and continues to operate even today.
Gemini said it tracked the group's activities because the Keeper gang used the same identical control panels for the backend servers where they collected payment card details from hacked stores.
This may worth something:
Social Media Pictures Provide Hackers with Information
Facebook, Twitter, Instagram, and other social media platforms make gaining access to personal and business information that people share rather easy.
"People post photos with that information in it because they don't realize it's in there and that it can be used in all kinds of nefarious ways," said Dave Hatter, a cybersecurity consultant with Intrust IT .
Hatter said that many people are unaware or ignore the danger of inadvertently leaking sensitive personal information when they post on social media. This is especially true when it comes to images that may capture sensitive information when taken and typically contain metadata that is not obvious to the naked eye. The metadata is known as EXIF data and most modern smartphones capture it when a photo is taken.
Privilege escalation explained: Why these flaws are valuable to hackers | CSO Online
Privilege escalation vulnerabilities are security issues that allow users to gain more permissions and a higher level of access to systems or applications than their administrators intended. These types of flaws are valuable for attackers because they're needed for full exploit chains but can be overlooked by defenders or developers because of their lower severity scores.
In general, any violation of an intentional security boundary can be considered a privilege escalation issue, including gaining kernel access from a user application in an operating system, escaping a virtual machine to access the underlying hypervisor, gaining domain administrator access from a workstation, or gaining privileged roles in public clouds by exploiting misconfigurations.
Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment | WIRED
Any company that uses a certain piece of networking equipment from Seattle-based F5 Networks had a rude interruption to their July 4 weekend, as a critical vulnerability turned the holiday into a race to implement a fix. Those who haven't done so by now may now have a much larger problem on their hands.
The result is that anyone who can find an internet-exposed, unpatched BIG-IP device can intercept and mess with any of the traffic it touches. Hackers could, for instance, intercept and redirect transactions made through a bank's website, or steal users' credentials. They could also use the hacked device as a hop point to try to compromise other devices on the network.
And here's another article:
This 10-course ethical hacking bundle is on sale for $40 | ZDNet
And while it may sound a bit counterintuitive, the only person who can fight back against a hacker is another hacker. Known as ethical or "white hat" hackers, these cyber-warriors are the first and most important line of defense against a growing number of powerful digital threats, and they're being paid handsomely for their services.
With 10 courses and over 90 hours of expert-led training, the Ultimate 2020 White Hat Hacker Certification Bundle will be your guide to this important and lucrative field, and the entire training package is on sale for over 95% off at just $39.90.
Looks Like Russian Hackers Are on an Email Scam Spree | WIRED
"Most Eastern European and Russian hackers have been so entrenched in malware campaigns and technically sophisticated infrastructure that, as long as there are returns, they don't need to adapt," says Crane Hassold, senior director of threat research at Agari and a former digital behavior analyst for the Federal Bureau of Investigation.
While the line between Russian government and criminal hackers is often blurred, Agari sees no indication that Cosmic Lynx is a state-backed group.
The key to stopping cyberattacks? Understanding your own systems before the hackers strike | ZDNet
Cyberattacks targeting critical national infrastructure and other organisations could be stopped before they have any impact if the teams responsible for the security had a better understanding of their own networks.
That might sound like obvious advice, but in many cases, cyber-criminal and nation-state hackers have broken into corporate networks and remained there for a long time without being detected.
Some of these campaigns involve intrusions into critical infrastructure where malicious hackers could do damage that could have serious consequences .
North Korean hackers linked to web skimming (Magecart) attacks, report says | ZDNet
North Korea's state-sponsored hacking crews are breaking into online stores to insert malicious code that can steal buyers' payment card details as they visit the checkout page and fill in payment forms.
These types of attacks are named "web skimming," "e-skimming," or "Magecart attack," with the last name coming from the name of the first group who engaged in such tactics.
Web skimming attacks are simple in nature, although they require advanced technical skills from hackers to execute. The goal is for hackers to gain access to a web store's backend server, associated resources, or third-party widgets, where they can install and run malicious code on the store's frontend.
Happening on Twitter
'Keeper' hacking group behind hacks at 570 online stores https://t.co/UmL50NtOqO ZDNet (from USA | UK | Asia | Australia) Wed Jul 08 15:45:01 +0000 2020
No comments:
Post a Comment