Tag Archive for: Sites

Phases of Russia’s hybrid war. Stone Panda’s back. Bogus sites harvest credentials. CISA issues guidance.


Dateline Moscow, Kyiv, Prague, Berlin, Brussels, London, New York, Washington: a lull in maneuver, but a continuation of fire (and cyber ops).

Ukraine at D+41: Russia reconstitutes maneuver forces; expect fire and cyber. (The CyberWire) Infantry and armor withdraw from the north of Ukraine, but Russian artillery continues its reduction of such Ukrainian cities as are within range. Cyber operations continue, and Ukraine is apparently getting some help from abroad (at least some defensive help).

Live Updates: U.N. Security Council to Meet as Evidence of War Crimes Mounts (New York Times) China and Russia are unlikely to support any measures that France, the U.S. and Britain propose. European leaders sought to impose more sanctions, but were divided on whether to ban Russian natural gas.

When It Comes to U.N. Diplomacy, Not All Abstentions Are Equal (World Politics Review) Abstentions at the U.N. may seem like a way to avoid hard choices on tough crises. But U.N. diplomacy is rarely that simple. In recent weeks, U.N. members from China to Burkina Faso have abstained on votes in U.N. forums on the war in Ukraine, or just not voted on them. What do such ambiguous votes and nonvotes mean?

Russia-Ukraine war: what we know on day 42 of the Russian invasion (the Guardian) Donetsk governor says Russian artillery has killed civilians at aid point, while Russian governor claims border guards were fired at

Russia’s invasion of Ukraine: List of key events on Day 42 (Al Jazeera) As the Russia-Ukraine war enters its 42nd day, here is a look at the main developments.

Russian military ‘weeks’ from being ready for new push as war takes its toll (The Telegraph) ‘Significant movement’ of troops away from Kyiv to regroup, rearm and resupply as Nato appeals to allies for weapons to reinforce Ukraine

Russia’s failure to take down Kyiv was a defeat for the ages (AP NEWS) Kyiv was a Russian defeat for the ages. The fight started poorly for the invaders and went downhill from there. When President Vladimir Putin launched his war on Feb. 24 after months of buildup on Ukraine’s borders, he sent hundreds of helicopter-borne commandos — the best of the best of Russia’s “spetsnaz” special forces…


Malware Infiltrates 500 eCommerce Sites


An estimated 500 eCommerce websites were infiltrated by MageCart attackers, who seemingly installed digital credit card skimmers to lift users’ personal data, including card numbers, email addresses, phone numbers and more.

MageCart is a blanket term for rival cyber gangs that troll eCommerce sites with the sole purpose of slipping skimmers into unsuspecting sites, which then trigger malicious code, according to Sansec, an eCommerce malware and vulnerability detection firm.

Once the skimmer is in place, visitors entering payment information for a purchase unknowingly trigger code that relays the data to attacker-controlled servers.


Sansec discovered the latest slew of infiltrations and said the jeopardized sites had used malicious scripts hosted at the domain naturalfreshmall.com.

“The Natural Fresh skimmer shows a fake payment popup, defeating the security of a (PCI compliant) hosted payment form,” Sansec tweeted, adding that all payments were being directed to a naturalfreshmall payment domain.


The hackers made changes to the existing files and/or inserted different files that offered “no fewer than 19 backdoors that the hackers could use to retain control over the sites in the event the malicious script was detected and removed and the vulnerable software was updated,” according to Sansec.

“It is essential to eliminate each and every one of them because leaving one in place means that your system will be hit again next week,” per a Sansec article.

The infiltrated files were either entirely malicious or part of the Magento code “but had malicious code added to them.”

Sansec said regardless of the method, they recommend eCommerce sites run a malware scanner to ensure all skimmers are discovered.


Log4j threat and how it had a massive effect on various companies and sites?


Log4Shell is an internet vulnerability that affects millions of machines and is caused by a piece of software called Log4j, which is both obscure and nearly ubiquitous. The programme is used to keep track of everything that happens behind the scenes in a variety of computer systems.

It is the most significant vulnerability she’s seen in her career, according to Jen Easterly, director of the United States Cybersecurity and Infrastructure Security Agency. Hundreds of thousands, if not millions, of attempts have already been made to take advantage of the flaw.

So, what exactly is this innocuous bit of internet infrastructure, how can hackers take advantage of it, and what kind of havoc may it cause?


What is the function of Log4j?

Log4j keeps track of events, such as faults and ordinary system processes, and sends out diagnostic warnings to administrators and users. It is open source software provided by the Apache Software Foundation, a nonprofit organisation dedicated to the advancement of software.

A common example of Log4j at work is when you type in or click on a bad web link and get a 404 error message. The web server that hosts the domain of the web address you attempted to visit tells you that there is no such webpage. It also uses Log4j to log the occurrence for the server’s system administrators.

Similar diagnostic messages are used across all software applications. For example, the server in the online game Minecraft uses Log4j to log activity such as total memory used and user commands typed into the console.

What is the functionality of Log4Shell?

Log4Shell works by taking advantage of a Log4j feature that allows users to specify custom code for log message formatting. If a separate server maintains a directory linking user names and actual names, this feature allows Log4j to log not just the username associated with each attempt to log in to the server, but also the person’s true name. The Log4j server must communicate with the server that holds the real names in order to accomplish this.

This type of code, however, can be used for more than merely formatting log messages. Third-party servers can upload software code to Log4j that can conduct a…


The 10 most invasive sites on the internet


We all know that our online browsing habits are being tracked. Unless you take steps to prevent it, most websites see where you come from, what you are searching for and what you like.

All this data is valuable to sites and services, as they use it to serve targeted advertising. Ever searched for something on Amazon and then seen an ad for a similar product on Facebook? That is targeted advertising at work.

Thankfully, not all websites treat you as a treasure trove of information. You might be pleasantly surprised to find out which sites have the fewest trackers. But on the other end of the spectrum, the biggest culprits shamefully stuff their sites with hundreds of trackers.

Here’s the backstory

There are plenty of ways for a website to track you. Some might be subtle, like an invisible pixel or cookies, while others access your device’s GPS to locate you on the globe. But who are the biggest offenders? 

VPN provider SurfShark launched an investigation to find out, and some of the results are somewhat surprising. Its findings revealed that some of the most commonly-used websites hide up to 100 trackers, all designed to collect as much information on you as possible.

SurfShark analyzed a typical browsing session over the course of a weekend and noted which trackers were activated, who the trackers belonged to and where the information goes once collected.  

Here’s the good news. Websites with the fewest trackers:

  • Wikipedia (3)
  • TikTok (3)
  • Instagram (4)
  • XVIDEOS (4)
  • Netflix (5)
  • Bandcamp (5)
  • FB Messenger (5)
  • XNXX (6)
  • National Parks Service (6)
  • GameForge (7)

SurfShark explained: “Wikipedia’s privacy summary notes that ‘some of these [tracking] technologies do not have the best reputation in town and can be used for less-than-noble purposes’ – and that the company uses automatically-received data to ‘administer the sites, provide greater security, and fight vandalism’.”

The most invasive sites

SurfShark found 143…
