The activity of the advanced hacker group the researchers call Silence has increased significantly over the past year. Victims in the financial sector are scattered across more than 30 countries and financial losses have quintupled. The group started timidly in 2016, learning the ropes by following the path beaten by other hackers. Since then, it has managed to steal at least $4.2 million, initially from banks in the former Soviet Union, then from victims in Europe, Latin America, Africa, and Asia.
A curious case of web-based card-skimming activity revealed that the Poker Tracker website had been compromised and loaded a Magecart script, code that steals payment information from customers. Online poker enthusiasts use the Poker Tracker software suite to improve their winning chances by making decisions based on statistics compiled from the opponents' gameplay.
A phishing campaign that spoofs a PDF attachment to deliver Adwind spyware has been taking aim at national grid utilities infrastructure. Adwind, a.k.a. JRAT or SockRat, is being used in a malware-as-a-service model in this campaign, researchers said. It offers a full cadre of info-gathering features, including the ability to take screenshots, harvest credentials from Chrome, Internet Explorer and Microsoft Edge, record video and audio, take photos, steal files, perform keylogging, read emails and steal VPN certificates.
Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password. Further investigation almost invariably reveals that the password reset demand was not the result of a breach but rather the site’s efforts to identify customers who are reusing passwords from other sites that have already been hacked.
Two high severity vulnerabilities impacting all versions of the Kubernetes open-source system for handling containerized apps can allow an unauthorized attacker to trigger a denial-of-service (DoS) state. Kubernetes' development team has already released patched versions to address these newly found security flaws and block potential attackers from exploiting them.
All Sphinx servers that are exposed to the Internet are prone to abuse by cybercriminals, as they can be accessed by anyone, CERT-Bund warns. An open source search engine often used as a backend for web applications, Sphinx is popular among e-commerce developers and merchants due to fast full-text search capabilities, integration with popular database management systems, and support for a range of programming languages.
Microsoft is calling on researchers to help sniff out any security glitches in the beta version of its new Chromium-based Edge browser before officially pushing it live. The tech company has been working to build a new version of Edge based on Google’s open-source Chromium code, as opposed to its previous EdgeHTML proprietary browser engine.