Exchange bug goes unpatched and exploited. GoldenSpy does your taxes (and spies on you). Magecart evolution. Threat made good.

0
223

Microsoft continues to urge users of its Exchange email servers to patch and bring them up to date. A known, and it’s worth emphasizing patched, vulnerability (CVE-2020-0688) has been under active exploitation by nation-state intelligence services since April. As ZDNet asks, why would any intelligence service worthy of its trenchcoats (we paraphrase and mix many metaphors) burn a zero-day when they could just waltz in through a known hole?

Trustwave says it’s found a new malware family, “GoldenSpy,” embedded in tax software companies doing business in China have been required by their Chinese bank to install. It does the taxes; it also opens a system-level backdoor.

A Malwarebytes report describes how Magecart operators have improved their game. The paycard skimming malware is now being hidden in EXIF metadata of image files. There are several criminal gangs known to use Magecart. This particular upgrade appears to be the work of Magecart Group 9.

The extortionists who compromised Indiabulls have made good on their threat to begin releasing data if the company didn’t pay the ransom. The Hindustan Times reports that the first tranche of company information has been leaked.

Where do…

Read More…