Magecart Five Widens Attack Vectors, Targeting of Airbus Suppliers, & Tortoiseshell Developments

Digital Shadows

Coming to you from London this week, Jamie Collier, Philip Doherty, and Josh Poole join Viktoria Austin for our weekly threat intelligence updates. The team kicks off with a discussion around the top story of the week - Magecart Five Widens Attack Vectors.

Recent Magecart Five activity has included loading malicious JavaScript files onto commercial-grade Layer 7 routers, injecting malicious code into a free, open-source app module, distributing phishing emails containing the KPOT trojan via an unspecified spamming service, embedding redirect code in compromised websites that results in the download of the RIG or Fallout exploit toolkits onto a target machine, and creating a phishing website imitating “G-Cleaner”, a Windows garbage cleanup tool.

The team also discussed the other top stories of the week including:
- Suspected Chinese Threat Actor Targets Airbus Suppliers
- Tortoiseshell Lures American military-veteran job seekers
- Zendesk discloses 2016 data breach

Check out the full threat intelligence summary report at https://resources.digitalshadows.com/weekly-intelligence-summary
