» Annie Blog

Summary Researchers from SecureList from Kaspersky revealed new details regarding the Horns&Hooves cyber campaign, active since March 2023, which targeted over a thousand users and businesses in Russia (including retailers), using malicious JScript (JS) scripts disguised as legitimate email attachments. These scripts deploy the legitimate remote administration tool, NetSupport, for malicious purposes, granting attackers remote access…

On 3 December 2024, the RH-ISAC intel team was informed about a possible digital skimmer that may be present on an unnamed e-commerce website. JJ Josing, Principal Threat Researcher at the RH-ISAC, started his initial investigation into this incident. Our investigation discovered a script block containing heavily obfuscated JavaScript in the HTML of the checkout…

Summary A ransomware attack on Blue Yonder, a supply chain software provider for major supermarkets and fast-moving consumer goods (FMCG) suppliers, has severely disrupted operations. Blue Yonder confirmed the attack impacted its private cloud services, which support demand forecasting, automated ordering, and warehouse and supply management. A task force, alongside with third-party cybersecurity firms, is…

VIENNA, VA (November 19, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) released its annual Holiday Season Cyber Threat Trends report, revealing that fraud and ransomware are expected to plague the threat landscape facing retailers, hospitality, and travel businesses during their busiest season. The report predicts that social engineering, ransomware, and…

Summary In early October 2024, EclecticIQ analysts discovered a large-scale phishing campaign targeting e-commerce shoppers in Europe and the USA. This campaign, which capitalized on the heightened online shopping activity around Black Friday, is believed to have been orchestrated by a Chinese financially motivated threat actor, referred to as SilkSpecter. The campaign enticed victims with fake discounted…