[HackerNews] New Golang-based Linux Malware Targeting eCommerce Websites

Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that’s capable of stealing payment information from compromised websites.
“The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms,” researchers from Sansec Threat Research¬†said¬†in an analysis. “After a day and a

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] Average time to fix high severity vulnerabilities grows from 197 days to 246 days in 6 months: report

All posts, ZDNet

A new report from NTT Application Security found that the window of exposure for many companies’ vulnerabilities is growing. Source: Read More (Latest topics for ZDNet in Security)

Read More

[BleepingComputer] Chinese threat actors hacked NYC MTA using Pulse Secure zero-day

Chinese-backed threat actors breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. Still, they failed to cause any data loss or gain access to systems controlling the transportation fleet. […] Source: Read More (BleepingComputer)

Read More

[ThreatPost] Colonial Pipeline Shells Out $5M in Extortion Payout, Report

All posts, ThreatPost

According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key. Source: Read More (Threatpost)

Read More