On 3 December 2024, the RH-ISAC intel team was informed about a possible digital skimmer that may be present on an unnamed e-commerce website. JJ Josing, Principal Threat Researcher at the RH-ISAC, started his initial investigation into this incident. Our investigation discovered a script block containing heavily obfuscated JavaScript in the HTML of the checkout…
Read More
Summary A ransomware attack on Blue Yonder, a supply chain software provider for major supermarkets and fast-moving consumer goods (FMCG) suppliers, has severely disrupted operations. Blue Yonder confirmed the attack impacted its private cloud services, which support demand forecasting, automated ordering, and warehouse and supply management. A task force, alongside with third-party cybersecurity firms, is…
Read More
Summary In early October 2024, EclecticIQ analysts discovered a large-scale phishing campaign targeting e-commerce shoppers in Europe and the USA. This campaign, which capitalized on the heightened online shopping activity around Black Friday, is believed to have been orchestrated by a Chinese financially motivated threat actor, referred to as SilkSpecter. The campaign enticed victims with fake discounted…
Read More
The battle between humans and bots is heating up, with Black Friday and Cyber Monday standing as prime targets. Some “Black Friday” holiday shopping events have already begun. Based on Kasada’s 2023 findings, the trends observed last year offer valuable insights and preparation strategies for 2024. With threat actors more sophisticated than ever, retailers must…
Read More
Executive Summary Researchers from ClearSky Cyber Security has uncovered a new cyber espionage campaign attributed to TA455, a subgroup of the Iranian cyber threat actor known as Charming Kitten (also known as APT35). The cyber espionage campaign, which has been active since at least September 2023, has targeted critical industry sector entities in the aerospace, aviation, and…
Read More
