••• All important news related to new attacks and see the solutions we can offer you •••
British Airways fined £20m for Magecart hack that exposed 400k folks' credit card details to crooksRead the original article here
British Airways is to pay a £20m data protection fine after its 2018 Magecart hack – even though the Information Commissioner’s Office discovered the airline had been saving credit card details in plain text since 2015.
The fine, announced this morning by the UK's data watchdog, is almost exactly at the reduced £19.8m level that BA parent company the International Airlines Group had expected back in August.
GravityRAT Comes Back to EarthRead the original article here
The espionage tool masquerades as legitimate applications and robs victims blind of their data.
Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.
"Further investigation confirmed that the group behind the [GravityRAT] malware had invested effort into making it into a multiplatform tool...the campaign is still active," according to Kaspersky.
The malware is capable of retrieving device data, contact lists, email addresses, call logs and SMS messages and can exfiltrate various types of documents and files.
Hackers now abuse BaseCamp for free malware hosting
Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal login credentials.
Basecamp is a web-based project management solution that allows people to collaborate, chat with each other, create documents, and share files.
When creating documents, they can be formatted with HTML links, images, and stylized text.
To publicly share uploaded files, users can create a public link that allows people outside the organization to preview the file and download it.
When users click on a download link, they will be brought to a page that previews the file and includes another link to download the file to the computer.
As Basecamp offers a free license, users get free hosting that they can use to distribute any type of file they want