Bill Toulas over on Bleeping Computer refers to the organisation Fangxiao as a malicious for-profit group. Fangxiao runs a massive network of over 42,000 web domains that impersonate popular brands and redirect users to sites carrying adware apps, dating sites and that favourite of those browsing the web, “free” giveaways. This …
Two very different hacking campaigns in the wild now
These two articles from Bleeping Computer show the wide range of cyber security issues an organisation has to be aware of and take action on. One is the traditional malware getting into your systems and stealing sensitive information which it then sends out to the threat actors, to be used …
A couple of stories about supply chain compromise
The first is that threat actors have compromised a media company and are using its infrastructure to distribute malware: Hundreds of U.S. news sites push malware in supply-chain attack (bleepingcomputer.com). The company has not yet been named but the attack has impacted many hundreds of news sites. The second …
Users not understanding what secure configurations are is the first step towards a cyber security incident. UPDATED
This original post was made on 23 August 2022. Update 21 October 2022: There has been another “mis-configuration” story this week – Microsoft exposed thousands of client records when they mis-configured a server. Following a report in the summer of patient information leaking from a health care company because of …
My latest article on our training website CyberAwake.co.uk
Yesterday CyberAwake published my article looking at how snippets of information can leak out of a company and aid a threat actor:
If there is a way for threat actors to abuse legitimate tools, of course they do it!
Google’s Tag Manager (GTM) is a system for managing HTML and JavaScript analytics tags on websites, especially ecommerce sites. A report by Recorded Future has found that threat actors have been exploiting GTM to install malicious e-skimmer scripts that can steal customer card data and other personally identifiable information. Google …
Do you use FishPig ecommerce software? You don’t know? Then check now because it may have been compromised.
This is a classic supply chain attack. UK-based FishPig, seller of Magento WordPress integration ecommerce software, has discovered that its distribution server had been compromised, which allowed threat actors backdoor access to its customers’ systems. The ecommerce software is believed to be used by more than 200,000 websites. Breach …