While the majority of the RevengeHotels campaign takes place in Brazil, infections have also been detected in Argentina, Bolivia, Chile, Costa Rica, France, Italy, Mexico, Portugal, Spain, Thailand, and Turkey.
The threat group deploys a range of custom Trojans in order to steal guest credit card data from infected hotel systems as well as financial information sent from third-party booking websites such as Booking.com.
* * *
The Trojans are able to burrow into infected computers, creating tunnels back to the operator's command-and-control (C2) server and maintaining persistence. An additional module, dubbed ScreenBooking and written by the group, is used to capture payment card information.
In case you are keeping track:
India plans security audit of WhatsApp after hacking attempt - Reuters
NEW DELHI (Reuters) - India wants to conduct an audit of WhatsApp’s security systems following revelations that a spyware exploited vulnerabilities in the Facebook-owned messaging platform, the country’s technology minister said on Thursday.
The Indian Computer Emergency Team (CERT-In) “sought submission of information from WhatsApp on November 9, 2019, including a need to conduct an audit and inspection of WhatsApp’s security systems and processes,” Ravi Shankar Prasad told parliament in a statement.
Bitcoin Daily: Charities; Hackers Crypto Mining | PYMNTS.com
The event on Dec. 3 is a take on GivingTuesday, which allows people to make donations to charities. The event launched in 2012 and raised around $400 million in the U.S. last year.
"In times of crisis, to reach those lofty ambitions, we need to be friendly not only to traditional financing mechanisms but to the crypto community who’s been very innovative," said Ettore Rossetti, global digital lead of Save the Children in a phone interview with CoinDesk .
Hackers Demand Beer - Infosecurity Magazine
An unusual demand was issued to a Ugandan beer manufacturer whose website was hacked on Tuesday.
Threat actors targeting Nile Breweries Limited removed the contents from the organization's website nilebreweries.com before demanding that a secret beer recipe stored on the brewery's servers be put into production.
To persuade the brewery to comply with their demands, the unidentified cyber-criminals threatened to expose the classified recipe to the public.
Many things are taking place:
Stores, cybersecurity experts prepare for busy online weekend from shoppers, hackers
MOUNT VERNON, Iowa (KCRG) - Thanksgiving hasn't even arrived yet, but the holiday rush has already started at One Mission.
"We are just constantly busy those days, making and shipping products," co-founder John Rhomberg said Tuesday.
The Mount Vernon shop specializes in custom items, like mugs and t-shirts, and it donates 40% of every purchase to charity, making its products popular gifts.
"About a third of our overall annual sales come in about a 20-day period from the very end of November through the first part of December," Rhomberg said.
GitGuardian, the security startup hunting down online secrets to keep companies safe from hackers
When the login details of an Uber engineer were exposed in 2016 – signalling one of the most high-profile breaches of recent years – the names and addresses of 57 million riders and drivers were left at the mercy of hackers.
Yet despite this public lesson in how not to handle private credentials, so-called company secret leakage is an everyday occurrence .
Research from North Carolina State University found that in just six months between October 2017 and April 2018, more than half a million secrets were uploaded to GitHub repositories, including sensitive login details, access keys, auth tokens and private files. A 2019 SANS Institute survey found that half of company data breaches in the past 12 months were a result of credential hacking – higher than any other attack method among firms using cloud-based services.
Holiday travel: Charging phone at airport may let hackers steal data
Savvy air travelers know to search airports for those open electrical outlets to charge our phones.
Some of the better airports even have dedicated charging stations for weary travelers to get more juice on their devices.
* * *
Just this month, the Los Angeles District Attorney's office issued a stern warning to stay away from them: "Avoid using public USB power charging stations in airports, hotels, and other locations because they may contain dangerous malware," the warning from the D.A.'s office said.
Hackers Mass-Scanning Web for Docker Platforms to Mine Cryptocurrencies
A group of hackers has launched a new cryptojacking campaign on Nov. 24, scanning as many as 59,000 IP networks to find Docker platforms that have API endpoints exposed online, business technology publication ZDNet reports Nov. 26.
According to the report, the campaign is targeting vulnerable Docker instances in order to deploy crypto-malware to generate funds for the hacking group by mining Monero ( XMR ).
The mass scanning issue was first discovered by American internet security firm Bad Packets LLC on Nov. 25.
Happening on Twitter
Hotel front desks are now a hotbed for hackers https://t.co/JsK9Q9Vv36 by @SecurityCharlie ZDNet (from USA | UK | Asia | Australia) Thu Nov 28 13:30:25 +0000 2019
#RevengeHotels: cybercrime #campaign targeting hotel front desks worldwide https://t.co/l62nyGlTxD https://t.co/DZppzYGEWc dimitribest (from Miami, USA) Thu Nov 28 11:54:30 +0000 2019
No comments:
Post a Comment