Security News > 2020 > July

Over the past three years, one of the groups operating under the Magecart umbrella has targeted over 570 e-commerce websites and likely made more than $7 million, threat intelligence company Gemini Advisory reports. Referred to as Keeper, the group operates 64 attacker and 73 exfiltration domains and has hit targets in 55 countries since April 1, 2017.

Over the past year, a Russian cybercrime group has launched over 200 business email compromise campaigns targeting multinational organizations. The group mainly focused on senior-level executives, with three quarters of the targets holding titles such as managing director, vice president, or general manager.

It is amazing that this sort of thing can still happen: ...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1)...

Citrix has issued patches for 11 CVE-listed security vulnerabilities in its various networking products. Affected gear includes the Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP. So far there have been no reports of any of the bugs being targeted in the wild, though Rob Joyce, former head of the NSA's Tailored Access Operations elite hacking team, urged admins to apply the patches - right after fixes emerged for vulns in F5 and Palo Alto networking gear, too.

Now that the EARN IT Act has crept closer to a full Senate hearing, we're that much closer to finding out whether the bill can really help stem the flood of online abuse material, whether it's a barely veiled attack on online privacy and end-to-end encryption, or all of the above. Senator Richard Blumenthal claimed that the bill "is not about encryption and it never will be." The other co-sponsor, Senator Lindsey Graham, said that his goal "is not to outlaw encryption".

Augmented Reality (AR) technologies will provide new opportunities for attackers to compromise the privacy and safety of their victims.

Security is primarily your responsibility – with help from the cloud provider.

In April 2020, Cynet launched the world's first Incident Response Challenge to test and reward the skills of Incident Response professionals. Providing the thought process and detailed steps to solve each of the challenges will serve as a training aid and knowledge base for incident responders.

Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller, Gateway, and SD-WAN WAN Optimization edition networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the gateway or the authentication virtual servers.

New research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, and intercept and control all other connected sessions.