Chinese scammers don’t need malware to harvest online shoppers’ payment info
The fraudsters set up hundreds of malicious websites that ostensibly sell legitimate goods, but in reality capture card numbers for sale on the dark web.
CCCS states that China, Russia, Iran, and North Korea-linked nation-state threat actors pose the greatest strategic threats to Canada.
The latest Grelos version detailed by RiskIQ contains "a rehash" of the original code first seen in 2015-16.
The attack was intercepted and contained before the intruder stole any funds.
In this recent campaign the attackers used a previously undocumented custom backdoor named Backdoor.Hartip, as well as multiple living-off-the-land, dual-use, and publicly available tools.
Chaes specifically targets the Brazilian website of e-commerce company MercadoLivre to steal its customers’ financial information.
Since 2019, the group managed to hack nearly 200 systems, with some clues suggesting that the threat actors gained access to domain controllers from the victim’s network.
The company described the incident as a "coordinated ransomware campaign."
The potentially compromised information includes names, home and email addresses, birthdates, shareholder numbers, phone numbers and photos.
The threat actor used stolen digital certificates from two security firms, which allowed them to corrupt a browser plug-in designed to protect users from being compromised.