Recent Posts

Recent Blog Posts

The PhishLabs Blog

Major CMS Vulnerability, Chinese Espionage Group exposed, Chip Card Charges, and more | TWIC - October 31, 2014

Posted by Lindsey Havens on Oct 31, '14

TWIC_branding

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • ‘Replay’ Attacks Spoof Chip Card Charges (KrebsOnSecurity)
    An odd new pattern of credit card fraud emanating from Brazil and targeting U.S. financial institutions could spell costly trouble for banks that are just beginning to issue customers more secure chip-based credit and debit cards.

  • Samsung 'Find My Mobile' Flaw Allows Hacker to Remotely Lock Your Device (TheHackerNews)
    The National Institute of Standards and Technology (NIST) is warning users of a newly discovered Zero-Day flaw in the Samsung Find My Mobile service, which fails to validate the sender of a lock-code data received over a network.

  • Attackers Exploit Drupal Vulnerability (BankInfoSecurity)
    A mass, automated attack has potentially compromised a vulnerability that exists in the majority of all websites that run the popular Drupal content management system. More than 1 million websites use Drupal.

  • Australian E-Health records breached twice in the last year (The Register)
    Australia's Office of the Information Commissioner (OAIC) has released its Annual report of the Information Commissioner’s activities in relation to eHealth 2013–14, complete with a report on two data breaches in the systems used to store personally controlled electronic health records (PCEHRs).

  • New Chinese Cyber-Espionage Group Exposed (CIO Today)
    A new group of hackers operating in China has been discovered. The group, dubbed Axiom, has ties to the Chinese government and has attacked some 43,000 computers around the world, according to a report by cyber-security firm Novetta Solutions, which led the group that uncovered Axiom.

  • CurrentC gets user email addresses pickpocketed (nakedsecurity)
    Thieves may have nicked email addresses out of CurrentC, according to Merchant Customer Exchange (MCX), the group of merchants behind the mobile payment system that's promising to put up stiff competition against Apple Pay and Google Wallet.

     

Topics: Phishing, Vulnerability, The Week in Cybercrime, Data Breach, Cyberespionage

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all