17 November 2020

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

FinServ Cyber
Bank_Security – A Threat Actor is selling a Remote Code Execution affecting a Payment system working in AU 🇦🇺, NZ 🇳🇱, HK 🇭🇰, PH 🇵🇭… Bank_Security – Twitter – Nov 16 2020 08:29A Threat Actor is selling a Remote Code Execution affecting a Payment system working in AU 🇦🇺, NZ 🇳🇱, HK 🇭🇰, PH 🇵🇭 etc.

Supported payment methods:
– POS terminal
– Unionpay
– WeChat
– Alipay

The actor provided DB Configs and "ls" results…

Bank_Security – A Threat Actor is selling a Remote Code Execution affecting a Payment system working in AU 🇦🇺, NZ 🇳🇿, HK 🇭🇰, PH 🇵🇭… Bank_Security – Twitter – Nov 16 2020 09:07A Threat Actor is selling a Remote Code Execution affecting a Payment system working in AU 🇦🇺, NZ 🇳🇿, HK 🇭🇰, PH 🇵🇭 etc.

Supported payment methods:
– POS terminal
– Unionpay
– WeChat
– Alipay

The actor provided DB Configs and "ls" results…

BleepinComputer – Adult site users targeted with ZLoader malware via fake Java update – @Ionut_Ilascu
BleepinComputer – Twitter – Nov 17 2020 08:30Adult site users targeted with ZLoader malware via fake Java update – @Ionut_Ilascu
hXXps://www[.]bleepingcomputer[.]com/news/security/adult-site-users-targeted-with-zloader-malware-via-fake-java-update/
EduardKovacs – The North Korea-linked Lazarus group has been targeting users in South Korea via a supply chain attack that involve… EduardKovacs – Twitter – Nov 16 2020 18:12The North Korea-linked Lazarus group has been targeting users in South Korea via a supply chain attack that involves software required by government and banking websites….
How well are you protected against Emotet?MalwareTips.com – Nov 14 2020 22:03Hi all, I'm sure by now we have all heard about Emotet threat. The way it gets distributed is via documents with malicious Macro. Users are tricked into executing the macro. [IMG……
InfoSecHotSpot – Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack A fake Java update found on various porn sites actual… InfoSecHotSpot – Twitter – Nov 17 2020 00:28Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack A fake Java update found on various porn sites actually downloads the well-known Zloader malware. hXXps://bit[.]ly/36FxTOV…
InfoSecHotSpot – Week in security with Tony Anscombe ESET research uncovers a backdoor targeting POS systems – Why you shouldn’t sha… InfoSecHotSpot – Twitter – Nov 14 2020 18:58Week in security with Tony Anscombe ESET research uncovers a backdoor targeting POS systems – Why you shouldn't share your Netflix password – Data of millions of hotel guests exposed The post Week in security with Tony Anscombe appeared first on…
New skimmer attack uses WebSockets and a fake credit card form to steal dataCyberSecurity Help – Blog – Nov 16 2020 10:07The use of WebSockets is notable because typically skimmer attacks exfiltrate data using XHR requests or HTML tags.
New skimmer attack uses fake credit card form to steal dataHackRead – Nov 14 2020 16:01By Sudais Asif The unique aspect of this attack is that WebSockets is used instead of other methods such as HTML tags to extract the information needed. This is a post from HackRead[.]com Read the original post: …
Shiny Hacker hacked Pluto TV service, 3.2M accounts exposedSecurity Affairs – Nov 15 2020 11:02A hacker has shared 3.2 million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. Pluto TV is an American internet television service,…
VK_Intel – The `new` TrickBot loader relies on “fileless” method from “MemoryModule” library to map its core DLL from memory u… VK_Intel – Twitter – Nov 17 2020 06:31The `new` TrickBot loader relies on "fileless" method from "MemoryModule" library to map its core DLL from memory using this source code with no filesystem DLL loading (eg LoadLibrary calls)…
cyb3rops – Egregor Ransomware prints its ransom note on POS systems in Argentina and Chilecyb3rops – Twitter – Nov 17 2020 08:53Egregor Ransomware prints its ransom note on POS systems in Argentina and Chile
cybersecboardrm – New skimmer attack uses fake credit card form to steal data #Cybersecurity #security cybersecboardrm – Twitter – Nov 15 2020 00:24New skimmer attack uses fake credit card form to steal data #Cybersecurity #security hXXps://www[.]hackread[.]com/skimmer-attack-fake-credit-card-steal-data/
threatpost – The Lazarus group is using a new supply-chain #cyberattack against visitors to websites operated by the South Korea… threatpost – Twitter – Nov 16 2020 18:28The Lazarus group is using a new supply-chain #cyberattack against visitors to websites operated by the South Korean #government and financial firms.
hXXps://threatpost[.]com/hacked-software-south-korea-supply-chain-attack/161257/
FinServ Data Breaches
Report: Facebook Credit Card Scam Exposed Via Huge Data LeakMalwareTips.com – Nov 17 2020 06:13Led by Noam Rotem and Ran Locar, vpnMentor’s research team recently uncovered a potentially massive phishing and credit card fraud operation targeting Facebook users. We discovered the… Click to expand……
Fraud & Money Laundering
Explosion in digital commerce pushed fraud incentive levels sky-highHelp Net Security – News – Nov 17 2020 04:30A rise in consumer digital traffic has corresponded with a rise in fraud attacks, Arkose Labs reveals. As the year progresses and more people than ever are online, historically ‘normal’ online behavioral patterns are no longer applicable and…
Former Hong Kong beach volleyball player arrested over money-laundering chargesSouth China Morning Post – News – Nov 16 2020 07:41A former Hong Kong beach volleyball player and primary school teacher, who was convicted of assaulting a police officer during last year’s social unrest, was arrested on Sunday for allegedly laundering HK$5.8 million (US$748,000) following his…
Giving money laundering a whole new meaningTheAge.com – Nov 17 2020 11:00Cashless Apple Pay and Samsung Pay are gaining ground as payment methods of choice, as users embrace digital-wallet phone transactions in record numbers.
Kenya: Sportpesa Faces Sh30bn Money Laundering ProbeHumanitarian News blogs – Nov 16 2020 15:40[Nation] A State agency charged with tracking illicit money is investigating SportPesa for possible money laundering in the wake of claims the sports betting firm wired $278 million (Sh30 billion) from its local accounts to offshore…
Lloyds Probe Over HBOS Fraud Facing Fresh Delays, Times SaysBloomberg – Nov 14 2020 11:55Want the lowdown on European markets? In your inbox before the open, every day. Sign up here . A probe into allegations of a possible cover-up of fraud by Lloyds Banking Group executives has hit fresh delays, the Times reported . The investigation into…
Shehbaz, Tareen booked on money laundering, fraud chargesPakistan Defence – Nov 15 2020 13:04Shehbaz, Tareen booked on money laundering, fraud charges Babar Khan On Nov 15, 2020 Last updated Nov 15, 2020 LAHORE: The Federal Investigation Agency (FIA) has booked PML-N President Shehbaz Sharif, his sons Hamza and Salman, PTI leader Jahangir…
Tucson banker gets prison for fraud: Must pay back $1.25MThe Washington Times stories: News – Nov 16 2020 19:55TUCSON, Ariz. (AP) – A Tucson banker has been sentenced to nearly two years in prison for defrauding an 82-year-old customer. Federal prosecutors said 38-year-old Jacob Roach was given a 40-month prison term and ordered to pay $1.25 million…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal