Security News > 2021

ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. There are dozens of online shops that sell so-called "Card not present" payment card data stolen from e-commerce stores, but most source the data from other criminals.

The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. Trickbot uses the network scanner module to map the victims' networks and send home information on any devices with open ports.

ESET identified Kobalos victims by scanning for connections to SSH servers that use a specific TCP source port known to be abused by the malware. Kobalos also is likely using stolen credentials - ESET observed that in systems compromised by Kobalos, any SSH client in use has credentials stolen using a second-stage malware.

Two web skimmers have been discovered on the payment webpages of Costway, one of the top retailers in North America and Europe, which sells appliances, furniture and more. The skimmers are targeting consumers' credit-card payment details.

The 25+ year gap between IT and Operational Technology security means that OT networks have few, if any, modern security controls in place, as many of these Industrial Control Systems are legacy assets that were not designed with security in mind and were previously isolated, until digital transformation came along. With asset visibility to identify vulnerabilities and suspicious behavior, continuous threat monitoring to detect and track threats that cross the IT/OT boundary, and secure remote access solutions with strict controls over sessions, we can jumpstart the process of closing the IT/OT security gap.

A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. Credit card skimmers are JavaScript scripts that cybercrime groups known as Magecart groups inject into hacked e-commerce sites as part of web skimming attacks.

Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store for what is believed to be issues with their new Chrome iCloud Keychain password synchronization feature. On January 26th, Apple released iCloud 12 with a new 'Passwords' feature, that when enabled, prompts users to install an 'iCloud Passwords' extension to synchronize and automatically fill in passwords saved in the iCloud Keychain.

Newfield said that it's easy to zoom in on items in the background of a Zoom window, such as bills or phone numbers hanging on a refrigerator or bulletin board. TechRepublic submitted three screenshots of a reporter's working environment at home and Newfield said he didn't see any security risks when he blew up the images.

Researchers have identified new versions of the Agent Tesla remote access trojan that target the Windows anti-malware interface used by security vendors to protect PCs from attacks. The newly discovered variants have also adopted new obfuscation capabilities, raising the stakes for businesses to fend off the ever-evolving Agent Tesla malware.

Cases of identity theft in the United States doubled in 2020, mainly due to cybercriminals taking advantage of people affected economically by COVID-19 who filed to receive government benefits. This is according to the Federal Trade Commission, which received about 1.4 million reports of identity theft last year, according to a blog post published Monday, when the commission kicked off its annual "Identity Theft Awareness Week.".