BU-CERT – Bournemouth University Computer Emergency Response Team

Zen Cart “PayPal” Skimmer

Posted on 18 January 2020

From blog.sucuri.net

While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware.Our security analyst Christopher Morrow recently found an injection on a lesser known open source ecommerce platform named Zen Cart, which itself is a fork from the older OsCommerce. Credit card skimmers are not found as often for Zen Cart. This is because the Zen Cart user base is quite small (0.1%) when compared to other open source platforms like Magento (0.8%) or Prestashop (0.6%) – according to W3’s latest information.

Top Conflicts to Watch in 2020: A Cyberattack on U.S. Critical Infrastructure

Posted on 18 January 2020

From cfr.org

In this year’s Preventive Priorities Survey, a cyberattack on U.S. critical infrastructure was ranked as the number one threat. Given heightened tensions with Iran following the death of Qasem Soleimani, ongoing Russian election interference, and the ever-present prospect that tensions with China could boil over, the likelihood of a significant cyberattack on the United States in the next year is high.

Microsoft warns about Internet Explorer zero-day, but no patch yet

Posted on 18 January 2020

From zdnet.com

Microsoft has published a security advisory today about an Internet Explorer (IE) vulnerability that is currently being exploited in the wild — a so-called zero-day.

The company’s security advisory (ADV200001) currently only includes workarounds and mitigations that can be applied in order to safeguard vulnerable systems from attacks.

At the time of writing, there is no patch for this issue. Microsoft said it was working on a fix, to be released at a later date.

LOLBITS : C# Reverse Shell Using BITS As Communication Protocol

Posted on 18 January 2020

From kalilinuxtutorials.com

LOLBITS : C# Reverse Shell Using BITS As Communication Protocol

LOLBITS is a C# reverse shell that uses Microsoft’s Background Intelligent Transfer Service (BITS) to communicate with the Command and Control backend. The Command and Control backend is hidden behind an apparently harmless flask web application and it’s only accesible when the HTTP requests received by the app contain a valid authentication header.

Hackers try to get users involved in money swindling schemes

Posted on 18 January 2020

From 2-spyware.com

Scammers mimic the FTC to gather payments from victims

Scammers have thought about another tactic of how to swindle money from gullible users. They have managed a web page that offers monetary refunds for people who are claimed to be victims of data leaking attempts. The hackers pretend to be from the United States Federal Trading Commission^[1] in order to create a legitimate look.

Bluewall – A Firewall Framework Designed For Offensive And Defensive Cyber Professionals

Posted on 18 January 2020

From kitploit.com

Bluewall is a firewall framework designed for offensive and defensive cyber professionals. This framework allows Cybersecurity professionals to quickly setup their environment while staying within their scope.

Dissecting the activities and capabilities of RIG Exploit Kit

Posted on 18 January 2020

From cyware.com

exploit, hacker, bash, shell, server, code, linux, engineer, python, network, program, loop, lan, internet, prompt, c, ping, computer, minix, source, core, soap, ip, shock, local, web, programming, kernel, html, programer, command, script, language, cracker, unix, host, plus, software

Over the past years, the exploit kit has been observed installing various malware ranging from banking trojans to ransomware.
However, since 2017, there has been a major shift in its activity and is being now used to deliver cryptominers as well