While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware.Our security analyst Christopher Morrow recently found an injection on a lesser known open source ecommerce platform named Zen Cart, which itself is a fork from the older OsCommerce. Credit card skimmers are not found as often for Zen Cart. This is because the Zen Cart user base is quite small (0.1%) when compared to other open source platforms like Magento (0.8%) or Prestashop (0.6%) – according to W3’s latest information.
In this year’s Preventive Priorities Survey, a cyberattack on U.S. critical infrastructure was ranked as the number one threat. Given heightened tensions with Iran following the death of Qasem Soleimani, ongoing Russian election interference, and the ever-present prospect that tensions with China could boil over, the likelihood of a significant cyberattack on the United States in the next year is high.
LOLBITS is a C# reverse shell that uses Microsoft’s Background Intelligent Transfer Service (BITS) to communicate with the Command and Control backend. The Command and Control backend is hidden behind an apparently harmless flask web application and it’s only accesible when the HTTP requests received by the app contain a valid authentication header.
Scammers have thought about another tactic of how to swindle money from gullible users. They have managed a web page that offers monetary refunds for people who are claimed to be victims of data leaking attempts. The hackers pretend to be from the United States Federal Trading Commission in order to create a legitimate look.
Bluewall is a firewall framework designed for offensive and defensive cyber professionals. This framework allows Cybersecurity professionals to quickly setup their environment while staying within their scope.