Cyber News Rundown: Magecart Massive Attack | Webroot



Magecart Launches Largest E-commerce Attack to Date

Roughly 2000 e-commerce sites were compromised in the latest
campaign targeting an out-of-date version of Magento software. It’s believed an
additional 95,000 sites that haven’t patched to the latest Magento version could
also be targeted by the payment skimming malware. The campaign began last
Friday and by Monday had stolen data from over 1,900 stores serving tens of
thousands of customers.

Staples Delivery System Responsible for Data Breach

Nearly two weeks after being contacted by a cybersecurity
firm regarding their use of unsecured VPN servers, Staples has released a
statement about a data breach that stemmed from a flaw in their delivery
systems. Because Staples’ delivery tracking system required only an order
number to pull up the entire order summary, customers were able to enter any
number around their own order and access payment and other sensitive
information belonging to other Staples customers. While the company has since
resolved the flaw, it seems they have not yet contacted victims whose
information was exposed.

Staffing Firm Suffers Second Ransomware Attack in 2020

Artech Information Systems, a global IT staffing firm, has recently fallen victim
to their second ransomware attack of the year. Following a January attack by
the REvil ransomware group, which released a small portion of company data
after not receiving a ransom payment, Artech has now been infiltrated by the
MAZE group, likely using a prior backdoor to the systems. Secondary ransomware
attacks typically stem from improper resolution of the initial attack that
leaves a system an easy target for another group.

Misconfigured Elasticsearch Exposes Over 100,000 Razer Customers

A security researcher found an unsecured Elasticsearch
cluster late last month containing highly sensitive information for over
100,000 Razer customers. The exposed data contained personally identifiable
information and order details with everything but the actual payment card data.
Fortunately, Razer was quick to resolve the issue after being notified and set
up an email address that worried customers could contact for more information.

SunCrypt Ransomware Targets University Hospital New Jersey (UHNJ)

Over 240GB of data was allegedly stolen from the University
Hospital New Jersey after a SunCrypt ransomware attack. The attack was
likely initiated against university systems shortly after a TrickBot infection
last month compromised systems. The owners of SunCrypt have already released
1.7GB of the stolen data, which equates to roughly 48,000 documents containing
highly sensitive personal information on patients and employees.

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.
