Blog

On 3 December 2024, the RH-ISAC intel team was informed about a possible digital skimmer that may be present on an unnamed e-commerce website. JJ Josing, Principal Threat Researcher at the RH-ISAC, started his initial investigation into this incident. Our investigation discovered a script block containing heavily obfuscated JavaScript in the HTML of the checkout…

Summary A ransomware attack on Blue Yonder, a supply chain software provider for major supermarkets and fast-moving consumer goods (FMCG) suppliers, has severely disrupted operations. Blue Yonder confirmed the attack impacted its private cloud services, which support demand forecasting, automated ordering, and warehouse and supply management. A task force, alongside with third-party cybersecurity firms, is…

Summary In early October 2024, EclecticIQ analysts discovered a large-scale phishing campaign targeting e-commerce shoppers in Europe and the USA. This campaign, which capitalized on the heightened online shopping activity around Black Friday, is believed to have been orchestrated by a Chinese financially motivated threat actor, referred to as SilkSpecter. The campaign enticed victims with fake discounted…

The battle between humans and bots is heating up, with Black Friday and Cyber Monday standing as prime targets. Some “Black Friday” holiday shopping events have already begun. Based on Kasada’s 2023 findings, the trends observed last year offer valuable insights and preparation strategies for 2024. With threat actors more sophisticated than ever, retailers must…

Executive Summary Researchers from ClearSky Cyber Security has uncovered a new cyber espionage campaign attributed to TA455, a subgroup of the Iranian cyber threat actor known as Charming Kitten (also known as APT35). The cyber espionage campaign, which has been active since at least September 2023, has targeted critical industry sector entities in the aerospace, aviation, and…

As the holiday shopping season approaches, the 2024  Trustwave Risk Radar Report: Retail Sector highlights a growing threat to the retail sector. Cybercriminals have refined their tactics, preparing to launch ransomware and phishing attacks that exploit well-known online brands. These attacks aim to defraud retailers and consumers, with the skills gained being used to infiltrate…

The standards and best practices document provide a high-level overview of the twenty most critical cybersecurity controls hoteliers, online travel agencies (OTAs), and connectivity providers should focus on, particularly highlighting identity and access management (IAM) best practices, which can act as critical barriers for many prevalent fraud operations. Download the document here. The standards and…

Summary Since October 22, 2024, Microsoft Threat Intelligence has observed recorded activity of the Russian threat actor known as Midnight Blizzard conducting a sophisticated spear-phishing campaign aimed at individuals in various sectors, including government, academia, defense, and non-governmental organizations. This ongoing activity involves sending highly targeted emails, which include a signed Remote Desktop Protocol (RDP) configuration file…

In today’s digital landscape, hotels face increasing cybersecurity risks that can jeopardize guest data and damage brand reputation. Regular penetration testing has become an essential practice for hotels to identify vulnerabilities, ensure compliance, and maintain a strong security posture. This article explores the importance of penetration testing for hotels and guides on implementing an effective…

Summary A significant data breach involving Hot Topic, Torrid, and Box Lunch, advertised by the threat actor Satanic, has reportedly exposed the personal data of 350 million customers, including names, emails, addresses, phone numbers, and birthdates, billions of payment details and loyalty points, including the last 4 digits of customers’ credit cards, card types, hashed…