Cybercrime & Digital Threats

Iframe found in checkout page of Magento-powered shopping websites steals customers’ debit and credit card information via phishing.

Ransomware's persistence is perhaps best embodied by a relatively new breed of ransomware, Ryuk, which has been making waves recently with multiple incidents occurring over the past year.

Over 12,000 MongoDB databases have been deleted, with hackers demanding ransom in return for their restoration. A security researcher has connected these attacks with hacking group Unistellar.

The cybercriminal group Magecart has struck again, this time injecting their payment card data-skimming script into the subscription page of Forbes Magazine.

Cybercriminal group ScarCruft has recently developed Bluetooth device-harvesting malware that collects Bluetooth device information such as names, device addresses, device types, as well as connection and authentication information.

A sophisticated Microsoft Exchange server backdoor gives hackers access to incoming and outgoing email. They would be able to intercept, redirect, and modify emails as well as send messages on behalf of the compromised victims.

The sustained prevalence of brand impersonation in phishing attacks is further demonstrated in a new report which listed the most impersonated brands in the first quarter of 2019.

A new ransomware dubbed MegaCortex has been targeting business networks across the world. The sudden surge in activity was noted by cybersecurity firms and researchers, and further investigation shows how complex this particular ransomware is.

More than 1.5 million malicious and spam emails were sent from thousands of compromised Office 365 accounts in March 2019 alone, a new report reveals.