Cybercrime & Digital Threats

The Interpol, together with the Indonesian National Police, announced the arrest of three Indonesian men suspected of being behind Magecart attacks.

Google indefinitely suspends extensions that use the Chrome Web Store payments while Mozilla bans 197 add-ons in a quest to halt fraudulent activities.

Over 2,000 WordPress sites were compromised by a malicious script that redirects visitors to scam sites, gains admin access, and installs fake plugins.

A recent BEC campaign targets organizations by sending them emails with IMG (disk imaging) file attachments hiding a NetWire remote access trojan.

A new sextortion scheme threatens to expose nude videos supposedly captured via victims' mobile phones and home cameras.

A hacker published a massive list of Telnet usernames and passwords for more than 515,000 servers, routers, and IoT devices.

On January 17, Microsoft published an advisory (ADV200001) warning users about CVE-2020-0674, a remote code execution (RCE) vulnerability involving Microsoft’s Internet Explorer (IE) web browser.

An updated version of mobile malware FakeToken was found sending massive numbers of offensive messages to foreign countries.

A Texas school district is investigating an email phishing attack after a series of transactions resulted in the loss of an estimated US$2.3 million.