Cybercrime & Digital Threats

A hacking campaign was uncovered that has so far affected more than 7,339 websites running on the Magento e-commerce platform. The attacks involve injecting MagentoCore, a malicious payment card data-stealing script, into the affected websites.

We discovered a fileless cryptocurrency mining malware (Fileless-DASKUS) variant back in February that uses PowerShell (PS) to perform its routine.

Trend Micro researchers recently discovered a new spam campaign being distributed with a downloader under the guise of a .WIZ which then drops a backdoor payload. This spam campaign has been noted to target financial institutions.

A campaign targeting Peruvian banks involve the use of phishing emails intended to lure victims via clickable links advertising Bitcoin.

A Nigerian man was convicted after using phishing scams in an attempt to steal over $6 million dollars from employees of several targeted US colleges and universities.

We discovered spam mails abusing EGG (.egg) files to deliver the GandCrab v4.3 ransomware. Additionally, the operators behind the spam mails appear to be specifically going after South Korean users, as evidenced by the use of Hangul in the spam mails.

Security researchers have been trailing the activity of cybercriminals who have waged a hijacking campaign on IoT devices, which aimed to steal the sensitive banking information of Banco de Brasil’s customers.

A new spam campaign uses classic tricks to lure clients of the Royal Bank of Canada.

With today’s ever-evolving threat landscape, data breaches are no longer isolated cases. Responding to and remediating data breaches calls for a proactive approach — something that managed detection and response (MDR) can provide.