Security News

From social media-influenced sales and app-based mobile purchases to cloud migration, the retail industry is shaped by the purchasing behavior of its customers. All of this data is stored on the cloud, and 77 percent of retailers acknowledge cloud security is a major challenge, making it the number one strategic challenge in the retail industry this year - up from number 14 in 2020.

Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers. The code can steal payment details such as credit card number, holder name, addresses, and CVV, and send them to the actor.

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the country are said to have singled out using iPhones registered to their overseas phone numbers, although the identity of the threat actors behind the intrusions, or the nature of the information sought, remains unknown as yet.

Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.

The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. Since researchers disclosed the vulnerabilities, threat actors have begun to exploit them to breach servers and install web shells, coin miners, and ransomware.

The UK's National Cyber Security Centre says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal customers' payment info. In Magecart attacks, threat actors inject scripts known as credit card skimmers into compromised online stores to harvest and steal the payment and/or personal info submitted by customers at the checkout page.

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company's internal users using the victim's compromised Microsoft exchange servers.

A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. The researchers discovered that the websites had not been encrypted, but rather the threat actors modified an installed WordPress plugin to display a ransom note and countdown when.

The U.S. Federal Bureau of Investigation on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "Sophisticated chain attack." "Vinny Troia wrote a book revealing information about hacking group TheDarkOverlord. Shortly after, someone began erasing ElasticSearch clusters leaving behind his name. Later his Twitter was hacked, then his website. Now a hacked FBI email server is sending this," Hutchins tweeted.

The Federal Bureau of Investigation email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen. The emails pretended to warn about a "Sophisticated chain attack" from an advanced threat actor known, who they identify as Vinny Troia.