Magecart Five Widens Attack Vectors, Targeting of Airbus Suppliers, & Tortoiseshell Developments

October 4, 2019 Digital Shadows

Coming to you from London this week, Jamie Collier, Philip Doherty, and Josh Poole join Viktoria Austin for our weekly threat intelligence updates. The team kicks off with a discussion around the top story of the week - Magecart Five Widens Attack Vectors.

Recent Magecart Five activity has included loading malicious JavaScript files onto commercial-grade Layer 7 routers, injecting malicious code into a free, open-source app module, distributing phishing emails containing the KPOT trojan via an unspecified spamming service, embedding redirect code in compromised websites that results in the download of the RIG or Fallout exploit toolkits onto a target machine, and creating a phishing website imitating “G-Cleaner”, a Windows garbage cleanup tool.

The team also discussed the other top stories of the week including:
- Suspected Chinese Threat Actor Targets Airbus Suppliers
- Tortoiseshell Lures American military-veteran job seekers
- Zendesk discloses 2016 data breach

Check out the full threat intelligence summary report at https://resources.digitalshadows.com/weekly-intelligence-summary
