AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 07/20/2022

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.

Magecart campaigns have been skimming payment-card credentials of unsuspecting customers using three online restaurant-ordering systems, affecting about 300 restaurants that use the services and compromising tens of thousands of cards so far, researchers have found.

Two separate ongoing Magecart campaigns have injected e-skimmer scripts into the online ordering portals of restaurants using three separate platforms: MenuDrive, Harbortouch, and InTouchPOS, researchers from Recorded Future revealed in a blog post this week. One appears to have begun last November, and the other in January, they said.

Russian Hackers Target Ukrainians Via Copycat DoS App

Researchers have spotted what they believe is the first recorded instance of Android malware distributed by prolific state-sponsored Russian hacking group Turla.

Also known as Venomous Bear among many other monikers, the APT group is linked to Russia’s Federal Security Service (FSB), a successor to the KGB.

As such, it’s currently involved in operations targeting Ukrainian forces and pro-Ukrainian activists, many of whom have been encouraged to enlist in a volunteer “IT army” to DDoS Russian assets.

To do so, some are encouraged to use apps like StopWar, an Android application designed to make it easy for Ukraine supporters to DDoS pre-selected Russian sites direct from their smartphone.

It is this app, spotted by Google’s Threat Analysis Group (TAG) in March, that the Turla group has now spoofed in an attempt to infect users with malware.

(ISC)2 offers free cyber security certifications to one million people

Cyber security professional association (ISC)2 has announced that it will be offering its entry-level cyber security certification for free to 1 million people.

The initiative is an extension of the ‘100k in the UK scheme’ announced earlier this year and aims to tackle the cyber security skills gap which (ISC)2 said stands at 2.7 million.

The certification on offer is the (ISC)2 Certified in Cybersecurity qualification which was originally introduced at the start of the year as a pilot program.

Included in the package is the certification exam itself, plus the self-paced training course.

At least 500,000 of the individuals receiving the free certification will be from “a range of diverse backgrounds and circumstances,” the organisation said.

Specifically, the organisation will be approaching historically black colleges and universities, minority-serving institutions, tribal organisations, and women’s organisations across the US and the globe.

Current university students, recent graduates, those seeking a career change, and other professionals are all encouraged to participate in the initiative, especially those currently employed by, or looking to be employed by, SMBs.

Hacker hijacks NFT artist DeeKay’s Twitter account, steals $150,000 worth of NFTs from fans

NFT artist DeeKay Kwon had his Twitter account hacked at the end of last week by scammers who managed to steal NFTs valued at $150,000 from his followers.

DeeKay Kwon, who is an acclaimed digital artist and animator, described in a series of tweets how the hacker had posted a link to what claimed to be an exclusive new NFT collection from Kwon:

“The LetsWalk Collection Airdrop is now live! Only 1,000 lucky people are able to claim! Good luck!”

Some of DeeKay’s almost 180,000 followers clicked on the link and were taken to a bogus version of the artist’s genuine website, and in their rush to claim their NFTs approved transactions that raided their wallets.

In total, NFTs valued at $150,000 are thought to have been stolen from victims’ wallets.

One victim, who according to his Twitter profile claims to be a former engineer at Coinbase, said that he fell for the attack, and had seven NFTs stolen from him.

Roughly 150 Patients Harmed by Flaw in the New VA Medical Records System, Watchdog Finds

A glitch in the Department of Veterans Affairs’ new electronic medical records system caused harm to at least 149 patients at the VA’s Spokane, Washington, hospital, including a suicidal veteran forced to call the VA’s crisis line in desperation after his psychiatry referral was lost.

A report published Thursday by the VA’s Office of Inspector General found that the Oracle Cerner Millennium electronic health records system used at the facility contained an overflow bucket for orders or referrals that didn’t match up with the system’s drop-down menu of file destinations.

But physicians and hospital staff weren’t aware of the folder, referred to as the “unknown queue,” so when they ordered any follow-on appointments, specialty care or lab work that didn’t match a destination, the orders effectively disappeared from their view.
