The NCSC-UK’s Exercise in a Box tool set has been updated to help organisations keep their employees safe while working from home
www.zdnet.com/article/remote-working-this-free-tool-tests-how-good-your-security-really-is/ The ‘Home and Remote Working’ exercise has been added to the NCSC-UK’s Exercise in a Box, a toolkit designed to help small and medium-sized businesses prepare to defend against cyber attacks by testing employees with scenarios based around real hacking incidents – and lessons on how to respond.
US Secret Service creates new Cyber Fraud Task Force
www.bleepingcomputer.com/news/security/us-secret-service-creates-new-cyber-fraud-task-force/ CFTF’s main goal is to investigate and defend American individuals and businesses from a wide range of cyber-enabled financial crimes, from business email compromise (BEC) scams and ransomware attacks to data breaches and the illegal sale of stolen personal information and credit cards on the Internet and the dark web.
Injecting Magecart into Magento Global Config
www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/injecting-magecart-into-magento-global-config/ This attack shows the relative ease in which a Magento system can be compromised to inject malicious JavaScript into web pages.