Security News > 2020 > July

The team at security biz Gemini Advisory said a long-running criminal gang dubbed Keeper compromised hundreds of online shopping sites over the past three years to install the software nasty. We're told 85 per cent were infected after the hackers exploited known flaws in the open-source Magento content management system popular among e-commerce businesses and used by the sites.

Boffins in Microsoft Research have pulled the covers off Project Freta, a free service aimed at spotting memory malfeasance. The project kicked off two years ago, partially in response to existing malware sensors being evaded as malicious code gained the ability to spot when it was being observed and self-destruct to prevent discovery.

Most cloud services keep their DNS cache times, known in the jargon as TTLs or time-to-live entries, pretty small these days in order to help their services adapt more quickly to changes in network load. Hacking your DNS entries is not quite as good a result for the crooks as taking over your actual web server - they won't have your web certificate to authenticate HTTPS traffic, and they'd need to clone a huge amount of your site to make a realistic facsimile - but it's still extremely dangerous, and potentially very damaging for your brand. In the cases tracked by Edwards, it seems that a bunch of crooks have been keeping their eyes on unused Azure server names that still have trusted DNS records referring to them, and reviving those defunct server names to produce believable URLs for scams and malware campaigns.

The BSA - also known as the Software Alliance, formerly the Business Software Alliance - is an industry lobbying group. They just published "Policy Principles for Building a Secure and Trustworthy Internet of Things."

China's ambassador to Britain on Monday warned that London faced a risk to its international reputation if it blocked Huawei from the nation's 5G network. A UK security investigation, yet to be published, has raised "very, very serious" questions over Huawei's limited 5G role in Britain, the financial daily added.

A Nigerian national who has more than 2.5 million followers on Instagram, where he flaunts his lavish lifestyle, was extradited from the United Arab Emirates and appeared in court in the United States to face cybercrime-related charges. As part of the scheme, Abbas is said to have provided two bank accounts in Europe to a co-conspirator.

The BEC gang is called Cosmic Lynx, and has been associated with more than 200 BEC campaigns targeting senior-level executives in 46 countries since last July. "Unlike most BEC emails that are riddled with misspelled words and grammatical errors, Cosmic Lynx emails are usually very detailed and written in nearly perfect English," researchers said.

Social media businesses are making moves to block Hong Kong authorities from accessing their user data, days after Beijing imposed a new national security law on the territory. Google and Twitter also said that they had paused all data and information requests from Hong Kong authorities when the national security law went into effect last week.

The US has dragged a fancy-pants, Instagram-star, high-fashion-flaunting, alleged Nigerian scammer out of the United Arab Emirates and into Chicago to face charges that he helped launder beaucoup bucks gouged out of businesses in email compromise scams. The DOJ is charging Abbas with allegedly conspiring to launder hundreds of millions of dollars in BEC and other scams that targeted a US law firm's client, a foreign bank and an English Premier League soccer club, among others.

Hackers continue to exploit the recently patched BIG-IP security flaw and they have plenty of potential targets as researchers have identified thousands of vulnerable systems. The security hole has been described as a critical remote code execution vulnerability that can be exploited to take complete control of a system.