Breaking News

•••  All important news related to new attacks and see the solutions we can offer you  •••

20/10/2020

GravityRAT Comes Back to Earth

Read the original article here
Cyber Defense

The espionage tool masquerades as legitimate applications and robs victims blind of their data.

Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.
"Further investigation confirmed that the group behind the [GravityRAT] malware had invested effort into making it into a multiplatform tool...the campaign is still active," according to Kaspersky.

The malware is capable of retrieving device data, contact lists, email addresses, call logs and SMS messages and can exfiltrate various types of documents and files.

Contact us for a test with Cymulate Breach and Attack Simulation
19/10/2020

Hackers now abuse BaseCamp for free malware hosting

Cyber Defense

Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal login credentials.
Basecamp is a web-based project management solution that allows people to collaborate, chat with each other, create documents, and share files.

When creating documents, they can be formatted with HTML links, images, and stylized text.
Basecamp also allows users to upload any file to a project, including file formats that are usually considered unsafe such as executables, JavaScript files, etc.

To publicly share uploaded files, users can create a public link that allows people outside the organization to preview the file and download it.

When users click on a download link, they will be brought to a page that previews the file and includes another link to download the file to the computer.

As Basecamp offers a free license, users get free hosting that they can use to distribute any type of file they want

Contact us for a test with Cymulate Breach and Attack Simulation
20/10/2020

Wisepay: School payments service hit by cyber-attack

Read the original article here
Cyber Defense

Parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised.

Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page.

It's early stages, but it appears that Wisepay may have been victims of a credit card skimming attack sometimes referred to as a Magecart hack.

Attackers didn't break into any databases to steal the information, they took over the live payment page.

Ask us about Reflectiz, THE SOLUTION that will enable you to detect a magecart attack
Load more