••• All important news related to new attacks and see the solutions we can offer you •••
Israel-Based Shirbit Still Refuses to Pay $3.8 Million RansomRead the original article here
One of the largest insurance companies in Israel has been hit by a ransomware attack, and the threat actors started to release sensitive data, as the firm doesn’t pay the requested ransom in bitcoin (BTC).
According to The Jerusalem Post, the Black Shadow group is the mastermind of the ransomware deployed on the IT infrastructure of Shirbit on December 1, 2020, who requested a ransom of 200 BTC (over $3.8 million as of press time).
Initially, the hackers asked for 50 BTC, but the insurance company refused to comply with the attackers’ demands. Afterward, the Black Shadow announced through their Telegram channel that the amount would be increased with the past of the time.
On December 3, 2020, the attackers kept their promise to leak sensitive data and published a bulk of files containing employees’ and customers’ private information. They promised to stop leaking if the ransom is paid. Among its customers, Shirbit has business relations with government entities, including the Tel Aviv District Court president.
How Retailers Can Avoid Cyber ThreatsRead the original article here
In November 2019, Macy's confirmed the presence of credit card-skimming Magecart malware on its checkout and wallet pages just as Black Friday and the holiday shopping season approached. Macy's indicated that the malware allowed a third party to capture customers' data on the pages if they input their credit card information and clicked "place order."
This potentially enabled cybercriminals to access names, addresses, phone numbers, and email addresses along with the users' credit card numbers, security codes, and expiration dates. A Macy's cybersecurity team removed the code by Oct. 15 and announced the incident a few weeks later.
With Black Friday on Nov. 27 this year, retailers are jockeying to gain a competitive edge in what could be the biggest online shopping spree ever. E-commerce holiday sales are expected to generate between $182 billion and $196 billion this season — a year-over-year increase of 25% to 35%, according to Deloitte's annual forecast. Overall holiday spending, on the other hand, will top out at $1.15 trillion with a relatively flat increase of 1.5%.
The trend mirrors the e-commerce sales boom that occurred throughout 2020, with the pandemic expected to fuel a $794.5 billion market in 2020, according to eMarketer. This represents a 32.4% year-over-year growth rate — nearly double the 18% predicted in eMarketer's second-quarter forecast. Brick-and-mortar sales will decline by 3.2%, to $4.71 trillion. Given the stakes in the roughly one-month peak holiday shopping season, retailers are racing to optimize their websites for mobile devices and third-party affiliate partners to maximize every opportunity possible.
The fact that there are multiple third-party vendors that support online sales further exposes retailers to possible threats. Cybercriminals often target third parties because they're the weak links of the supply chain. On average, e-commerce sites use 40 to 60 third-party tools and intend to add three to five new third-party technologies each year, amplifying the risks.
So, what should e-commerce businesses do to thwart these attacks and ensure their customers have a "holly, jolly" holiday? We recommend three steps.
Understand Your Risk
It's safe to say that the bad guys are planning for Black Friday as much as retailers are. In fact, they may already have compromised their intended targets and are now simply waiting for the big shopping day to arrive.
After all, they've demonstrated over time that they're very good at "hiding" inside systems until they're ready to strike. Nearly two-thirds of security professionals indicate that they're seeing no less than 100 days of dwell time — the time it takes to detect attackers once they infect a network. Therefore, it's critical to conduct internal due diligence to inventory both your internal risk and third-party risk: What do you know exists, and what protections do you have in place as a result? Are you confident in your solutions? Are you doing enough to defend customer data before it becomes a problem?
Implement Zero Trust
View Your Webpages as Customers See Them
Too many businesses only see their website as it appears on the server side, instead of viewing it from the customer browser perspective. The browser page is what customers "see" when they shop, and these pages are subject to compromises. Therefore, you need to assess what you're doing to protect your pages once they leave the web server.
Starting on Nov. 27, retailers large and small will discover whether their e-commerce capabilities are ready for prime time or not. Indeed, the season will serve as a litmus test of their digital transformation success.
This is why companies cannot afford to consider cybersecurity as an afterthought — they must think of data defense as an indispensable component of their business strategies. By committing to a comprehensive risk assessment, enforcing zero trust of third parties, and protecting browser-side pages, they'll rise above the competition this holiday season and reap the rewards of superior brand reputation and customer loyalty for the many months that follow.
TA551 (Shathak) Word docs with Japanese template push IcedIDRead the original article here
Not a New Threat, but very dangerous
The TA551 (Shathak) campaign continues to push IcedID (Bokbot) malware since August 2020. The template for its Word documents has been updated, but otherwise, not much has changed. This campaign mainly targets english speaking victimes however it has also targeted non-English speaking targets with other types of malware.
Available Attack Vectors:
- Web Gateway