No man’s land: How a Magecart group is running a web skimming operation from a war zone
July 18, 2019 - We take a look into a Magecart group's web skimming activities, which are relying on a bulletproof-friendly host in battle-scarred Luhansk, Ukraine to provide cover for their activities, safe from the reach of law enforcement and the security community.
Skimmer acts as payment service provider via rogue iframe
May 21, 2019 - Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something's not right when they are redirected to the real (and external) payment form.
Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability
May 15, 2019 - This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?
Sophisticated threats plague ailing healthcare industry
April 30, 2019 - Black hat hackers are after patient healthcare data, and such breaches will only intensify. Which forms of malware are behind the attacks? We take a look at the advanced threats targeting a sector struggling to keep up.