••• All important news related to new attacks and see the solutions we can offer you •••
'Act of War' Clause Could Nix Cyber Insurance PayoutsLees de originele artikel hier
The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card."
Last week, insurers' arguments gained more weight when the US indicted six members of the Russian military for a variety of cyber operations, including the NotPetya wiper attack that disrupted business operations worldwide. Damages from those attacks are at the heart of major lawsuits against insurance companies, including a $1.3 billion legal action brought by pharmaceutical giant Merck against a collection of insurers and a $100 million lawsuit brought by food and beverage conglomerate Mondelez against Zurich Insurance.
In both cases, insurers claim the NotPetya attack represented a hostile act by a sovereign power, preventing any payout.
Abbadon remote access trojan (RAT) gets commands via DiscordLees de originele artikel hier
The new 'Abaddon' remote access trojan may be the first to use Discord as a full-fledged command and control server that instructs the malware on what tasks to perform on an infected PC.
Abaddon implements data-stealing feature, it was designed to steal multiple data from the infected host, including Chrome cookies, saved credit cards, and credentials, Steam credentials, Discord tokens and MFA information.
The malware also collects system information such as country, IP address, and hardware information.
According to Bleeping Computer the malware supports the following commands:
- Steal a file or entire directories from the computer
- Get a list of drives
- Open a reverse shell that allows the attacker to execute commands on the infected PC.
- Launch in-development ransomware (more later on this).
- Send back any collected information and clear the existing collection of data.
T-RAT 2.0 Telegram-controlled RAT, a new security threatLees de originele artikel hier
T-RAT 2.0 is a Trojan being advertised and sold on Russian forums, according to a posting on the G DATA Security Blog.
The most notable feature of T-RAT 2.0 is that it can be controlled using the Telegram app.
Apparently, here’s what T-RAT 2.0 can do to your system, once it infects it:
- Retrieve cookies and passwords from your browser
- Grant the attacker full access to your file system
- Perform audio recordings (requires an audio input device such as a microphone)
- Log your keystrokes
- Disable your Taskbar
- Use your webcam to perform video recordings or take pictures
- Fetch clipboard content
- Snap screenshots of your current view
- Disable your Task Manager
- Hijack transactions for several services, including Ripple, Dogecoin, Qiwi, and Yandex.Money
- Execute CMD & PowerShell commands
- Restrict your access to various websites and services
- Forcefully terminate processes on your computer
- Use RDP and/or VNC to perform additional remote control operations
More so, it’s compatible with most Chromium-based browsers (v80 and up), and its Stealer component supports the following apps:
- FileZilla XML
British Airways fined £20m for Magecart hack that exposed 400k folks' credit card details to crooksLees de originele artikel hier
British Airways is to pay a £20m data protection fine after its 2018 Magecart hack – even though the Information Commissioner’s Office discovered the airline had been saving credit card details in plain text since 2015.
The fine, announced this morning by the UK's data watchdog, is almost exactly at the reduced £19.8m level that BA parent company the International Airlines Group had expected back in August.
Wisepay: School payments service hit by cyber-attackLees de originele artikel hier
Parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised.
Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page.
It's early stages, but it appears that Wisepay may have been victims of a credit card skimming attack sometimes referred to as a Magecart hack.
Attackers didn't break into any databases to steal the information, they took over the live payment page.
Black Friday Cyber risksLees de originele artikel hier
The shopping season which begins on Black Friday rolling over to Cyber Monday, is actually one of the most critical times for online retailers. During this period promotions are offered, new products are launched, and the shopping websites themselves invest all their resources to increase the volume of purchases. Unfortunately, as they say, along with the opportunities, come the risks.