Breaking News

•••  All important news related to new attacks and see the solutions we can offer you  •••


'Act of War' Clause Could Nix Cyber Insurance Payouts

Lees de originele artikel hier
Cyber Defense

The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card."


Last week, insurers' arguments gained more weight when the US indicted six members of the Russian military for a variety of cyber operations, including the NotPetya wiper attack that disrupted business operations worldwide. Damages from those attacks are at the heart of major lawsuits against insurance companies, including a $1.3 billion legal action brought by pharmaceutical giant Merck against a collection of insurers and a $100 million lawsuit brought by food and beverage conglomerate Mondelez against Zurich Insurance.

In both cases, insurers claim the NotPetya attack represented a hostile act by a sovereign power, preventing any payout.


Dont bet on just one horse, see how C2C purple team solutions can help you to secure your organisation.

Abbadon remote access trojan (RAT) gets commands via Discord

Lees de originele artikel hier
Cyber Defense

The new 'Abaddon' remote access trojan may be the first to use Discord as a full-fledged command and control server that instructs the malware on what tasks to perform on an infected PC.

Abaddon implements data-stealing feature, it was designed to steal multiple data from the infected host, including Chrome cookies, saved credit cards, and credentials, Steam credentials, Discord tokens and MFA information.

The malware also collects system information such as country, IP address, and hardware information.
According to Bleeping Computer the malware supports the following commands:

  • Steal a file or entire directories from the computer
  • Get a list of drives
  • Open a reverse shell that allows the attacker to execute commands on the infected PC.
  • Launch in-development ransomware (more later on this).
  • Send back any collected information and clear the existing collection of data.
Contact us for a test with Cymulate Breach and Attack Simulation

T-RAT 2.0 Telegram-controlled RAT, a new security threat

Lees de originele artikel hier
Cyber Defense

T-RAT 2.0 is a Trojan being advertised and sold on Russian forums, according to a posting on the G DATA Security Blog.
The most notable feature of T-RAT 2.0 is that it can be controlled using the Telegram app.


Apparently, here’s what T-RAT 2.0 can do to your system, once it infects it:

  • Retrieve cookies and passwords from your browser
  • Grant the attacker full access to your file system
  • Perform audio recordings (requires an audio input device such as a microphone)
  • Log your keystrokes
  • Disable your Taskbar
  • Use your webcam to perform video recordings or take pictures
  • Fetch clipboard content
  • Snap screenshots of your current view
  • Disable your Task Manager
  • Hijack transactions for several services, including Ripple, Dogecoin, Qiwi, and Yandex.Money
  • Execute CMD & PowerShell commands
  • Restrict your access to various websites and services
  • Forcefully terminate processes on your computer
  • Use RDP and/or VNC to perform additional remote control operations


More so, it’s compatible with most Chromium-based browsers (v80 and up), and its Stealer component supports the following apps:

  • Steam
  • Telegram
  • Skype
  • Viber
  • FileZilla XML
  • NordVPN
  • Discord



Contact us for a test with Cymulate Breach and Attack Simulation

British Airways fined £20m for Magecart hack that exposed 400k folks' credit card details to crooks

Lees de originele artikel hier
Cyber Defense

British Airways is to pay a £20m data protection fine after its 2018 Magecart hack – even though the Information Commissioner’s Office discovered the airline had been saving credit card details in plain text since 2015.

The fine, announced this morning by the UK's data watchdog, is almost exactly at the reduced £19.8m level that BA parent company the International Airlines Group had expected back in August.

Read about Reflectiz, and how it can protect your organization and your clients against magecart

Wisepay: School payments service hit by cyber-attack

Lees de originele artikel hier
Cyber Defense

Parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised.

Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page.

It's early stages, but it appears that Wisepay may have been victims of a credit card skimming attack sometimes referred to as a Magecart hack.

Attackers didn't break into any databases to steal the information, they took over the live payment page.

Ask us about Reflectiz, THE SOLUTION that will enable you to detect a magecart attack

Black Friday Cyber risks

Lees de originele artikel hier
Cyber Defense

The shopping season which begins on Black Friday rolling over to Cyber Monday, is actually one of the most critical times for online retailers. During this period promotions are offered, new products are launched, and the shopping websites themselves invest all their resources to increase the volume of purchases. Unfortunately, as they say, along with the opportunities, come the risks. 

Read about Reflectiz and how you can prevent this to happen to you