Zen Cart “PayPal” Skimmer

From blog.sucuri.net

While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware.Our security analyst Christopher Morrow recently found an injection on a lesser known open source ecommerce platform named Zen Cart, which itself is a fork from the older OsCommerce. Credit card skimmers are not found as often for Zen Cart. This is because the Zen Cart user base is quite small (0.1%) when compared to other open source platforms like Magento (0.8%) or Prestashop (0.6%) – according to W3’s latest information.

Read more...

Top Conflicts to Watch in 2020: A Cyberattack on U.S. Critical Infrastructure

From cfr.org

In this year’s Preventive Priorities Survey, a cyberattack on U.S. critical infrastructure was ranked as the number one threat. Given heightened tensions with Iran following the death of Qasem Soleimani, ongoing Russian election interference, and the ever-present prospect that tensions with China could boil over, the likelihood of a significant cyberattack on the United States in the next year is high.

Read more…

Microsoft warns about Internet Explorer zero-day, but no patch yet

From zdnet.com

Internet Explorer IE

Microsoft has published a security advisory today about an Internet Explorer (IE) vulnerability that is currently being exploited in the wild — a so-called zero-day.

The company’s security advisory (ADV200001) currently only includes workarounds and mitigations that can be applied in order to safeguard vulnerable systems from attacks.

At the time of writing, there is no patch for this issue. Microsoft said it was working on a fix, to be released at a later date.

Read more…

LOLBITS : C# Reverse Shell Using BITS As Communication Protocol

From kalilinuxtutorials.com

LOLBITS : C# Reverse Shell Using BITS As Communication Protocol

LOLBITS is a C# reverse shell that uses Microsoft’s Background Intelligent Transfer Service (BITS) to communicate with the Command and Control backend. The Command and Control backend is hidden behind an apparently harmless flask web application and it’s only accesible when the HTTP requests received by the app contain a valid authentication header.

Read more…

Hackers try to get users involved in money swindling schemes

From 2-spyware.com

Scammers mimic the FTC to gather payments from victims

Scammers have thought about another tactic of how to swindle money from gullible users. They have managed a web page that offers monetary refunds for people who are claimed to be victims of data leaking attempts. The hackers pretend to be from the United States Federal Trading Commission[1] in order to create a legitimate look.

Read more…