Breaking News

•••  All important news related to new attacks and see the solutions we can offer you  •••


British Airways fined £20m for Magecart hack that exposed 400k folks' credit card details to crooks

Read the original article here
Cyber Defense

British Airways is to pay a £20m data protection fine after its 2018 Magecart hack – even though the Information Commissioner’s Office discovered the airline had been saving credit card details in plain text since 2015.

The fine, announced this morning by the UK's data watchdog, is almost exactly at the reduced £19.8m level that BA parent company the International Airlines Group had expected back in August.

Read about Reflectiz, and how it can protect your organization and your clients against magecart

GravityRAT Comes Back to Earth

Read the original article here
Cyber Defense

The espionage tool masquerades as legitimate applications and robs victims blind of their data.

Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.
"Further investigation confirmed that the group behind the [GravityRAT] malware had invested effort into making it into a multiplatform tool...the campaign is still active," according to Kaspersky.

The malware is capable of retrieving device data, contact lists, email addresses, call logs and SMS messages and can exfiltrate various types of documents and files.

Contact us for a test with Cymulate Breach and Attack Simulation

Hackers now abuse BaseCamp for free malware hosting

Cyber Defense

Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal login credentials.
Basecamp is a web-based project management solution that allows people to collaborate, chat with each other, create documents, and share files.

When creating documents, they can be formatted with HTML links, images, and stylized text.
Basecamp also allows users to upload any file to a project, including file formats that are usually considered unsafe such as executables, JavaScript files, etc.

To publicly share uploaded files, users can create a public link that allows people outside the organization to preview the file and download it.

When users click on a download link, they will be brought to a page that previews the file and includes another link to download the file to the computer.

As Basecamp offers a free license, users get free hosting that they can use to distribute any type of file they want

Contact us for a test with Cymulate Breach and Attack Simulation
Load more