Cybercrime Never Takes a Vacation: Cybersecurity in the Hospitality Industry

The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying how threat actors conduct attacks, the methodologies used, and what organizations can do to protect themselves from specific types of attacks. The report, 2023 Hospitality Sector Threat Landscape: Trustwave Threat Intelligence…

Read More

MetaStealer Family of Go Infostealers Targeting Businesses Using macOS

On September 11, 2023, SentinelOne researchers reported the technical details a campaign targeting unspecified businesses that operate macOS in their environments with a series of infostealers written in Go they dubbed the “MetaStealer” family. Context According to the report, the campaign has been “proactively targeting macOS businesses by posing as fake clients in order to…

Read More

“Spacecolon” Toolkit Used to Target Multiple Industries with Scarab Ransomware, including Hospitality and Entertainment Organizations

Context On August 22, 2023, researchers at ESET released the technical details of the Spacecolon toolset, which they observed being leveraged in multiple campaigns to deploy the Scarab ransomware against multiple industries. According to the report, the campaigns are not specifically targeted, but are opportunistic in nature. Known targets include “a hospital and a tourist…

Read More

Raccoon Stealer Returns from Hiatus with Updated Version

On August 14, 2023, the threat actor managing Raccoon Stealer announced the return of the tool after a six-month break, as well as an updated version 2.3.0 with updates based on “feedback and analysis of customer requirements and market trends.” Context On August 15, 2023, researchers at Cyberint reported technical details of a resurgent campaign…

Read More

eCommerce Sites Targeted in Active Campaign via Magento 2 Exploit

Context On August 9, 2023, Akamai researchers reported a campaign they dubbed “Xurum,” which leverages the “patched critical security flaw (CVE-2022-24086, CVSS score: 9.8) in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution.” Technical Details Key takeaways from the Akamai report include: “We have observed activity in…

Read More