••• All important news related to new attacks and see the solutions we can offer you •••
GravityRAT Comes Back to EarthRead the original article here
The espionage tool masquerades as legitimate applications and robs victims blind of their data.
Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.
"Further investigation confirmed that the group behind the [GravityRAT] malware had invested effort into making it into a multiplatform tool...the campaign is still active," according to Kaspersky.
The malware is capable of retrieving device data, contact lists, email addresses, call logs and SMS messages and can exfiltrate various types of documents and files.
Hackers now abuse BaseCamp for free malware hosting
Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal login credentials.
Basecamp is a web-based project management solution that allows people to collaborate, chat with each other, create documents, and share files.
When creating documents, they can be formatted with HTML links, images, and stylized text.
To publicly share uploaded files, users can create a public link that allows people outside the organization to preview the file and download it.
When users click on a download link, they will be brought to a page that previews the file and includes another link to download the file to the computer.
As Basecamp offers a free license, users get free hosting that they can use to distribute any type of file they want
Wisepay: School payments service hit by cyber-attackRead the original article here
Parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised.
Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page.
It's early stages, but it appears that Wisepay may have been victims of a credit card skimming attack sometimes referred to as a Magecart hack.
Attackers didn't break into any databases to steal the information, they took over the live payment page.