Last week the US Federal Bureau of Investigation (FBI) sent out an alert warning the private industry of continued attacks carried out against software supply-chain companies. The report is yet to be released to the public as it is intended as a Private Industry Notification (PIN) which is only sent
Over the last several weeks the global health emergency surrounding the Coronavirus has overshadowed many other world events. Daily breaking news surrounding the virus’ spread too far-flung regions demand attention. Now, hackers are looking to further their own aims by abusing the medical threat pos
Last week this publication covered the arrest of three individuals accused of being part of a MageCart gang in Indonesia. This week brings more related news regarding MageCart attacks but so far none of this group has yet to be brought in front of a court. MageCart attacks often involve the injectio
For most of the Western World, December is associated with a myriad of holidays, for many hackers, it is open season. Consumers are warned to be careful when shopping online and companies are warned that they will be targets of what to some is a holiday period. When Wawa announced on December 19, 20
In the fourth quarter of 2019, a spike in MageCart attacks was seen. The most infamous of which involved British Airways which involved nearly 400,000 individuals becoming victims through only a piece of code 22 lines long. Then in November, that same year details emerged detailing how Macy’s also f
Ransomware continues to be a major bane facing enterprises and government organizations, with the latest high profile victim being Travelex. The currency exchange suffered a Sodinokibi attack, which left some of the company’s online services offline for three weeks. Another new worry for those taske
Online gaming has long been a target for hackers, whether to cheat or to deny other gamers the service they have in many cases paid for. In denying other players the online service hackers will often employ distributed denial of service (DDoS) attacks. Not only do such attacks prevent other players
It seems like the start of the year is not complete without a new and dangerous vulnerability been disclosed to the public. Last year it was the Spectre and Meltdown CPU vulnerabilities. This year the new threat is posed by CVE-2020-0601, better known as Curveball. The vulnerability is described as
Sodinokibi and a handful of other ransomware variants are currently dominating discussions regarding ransomware. Continual updates; changes in tactics and infection vectors; and improved targeting tactics placing corporations and government organizations within their crosshairs, have all made Sodino
With tensions near the boiling point between Iran and the US, news feeds across the globe have been dominated by headlines. The InfoSec community was also stirring with opinion pieces relating to Iran capabilities in carrying out cyberattacks. However, Iranian state-sponsored hackers are now in the