In late May 2024, Unit 42 researchers observed an adversary compromising multiple web servers to gain access to the environment of a multinational organization headquartered in North America.
Based on overlaps in adversary infrastructure and tools, as well as tactics, techniques and procedures (TTPs), it’s possible to attribute the activity identified to the same threat actor behind the Silent Skimmer campaign. In September 2023, an online payment scraping campaign was uncovered and dubbed Silent Skimmer. Since then, there has been little to no news of Silent Skimmer – until now.
Read more…
Source: Palo Alto Unit 42
Related:
- International Criminal Court hit with cyber security attack
June 30, 2025
The International Criminal Court has been targeted by a “sophisticated” cyberattack and is taking measures to limit any damage, the global tribunal announced Monday. The ICC, which also was hit by a cyberattack in 2023, said the latest incident had been contained but did not elaborate further on the impact or possible motive. “A Court-wide impact ...
- Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)
June 30, 2025
During security testing, Rapid7 discovered that Konica Minolta bizhub 227 Multifunction printers (MFPs) were vulnerable to a pass-back attack. The affected products identified were: Konica Minolta bizhub MFPs Firmware Version: GCQ-Y3 and earlier This issue has been assigned the following CVEs: CVE-2025-6081: LDAP pass-back vulnerability The Konica Minolta bizhub Multifunction printer (MFP) is an all-in-one enterprise printer designed ...
- Bluetooth security flaw could let hackers spy on your device via microphone
June 30, 2025
Security researchers have uncovered three vulnerabilities in a Bluetooth chipset present in dozens of devices from multiple manufacturers. The vulnerabilities, they say, can be exploited to eavesdrop on people’s conversations, steal call history and contacts information, and possibly even deploy malware on vulnerable devices. However, exploiting the flaws for these purposes is quite difficult, so practical ...
- Hackers hijacked hundreds of devices in an outlandish intel campaign aimed at US and Asian targets
June 29, 2025
A recently disclosed cyber espionage operation, dubbed LapDogs, has drawn scrutiny following revelations from SecurityScorecard’s Strike Team. The operation, believed to be conducted by China-aligned threat actors, has quietly infiltrated over 1,000 devices across the United States, Japan, South Korea, Taiwan, and Hong Kong. What makes this campaign distinctive is its use of hijacked SOHO routers ...
- Hacktivist groups led a massive surge in DDoS on US businesses following an attack on Iran
June 28, 2025
An abrupt and massive rise in Distributed Denial of Service (DDoS) attacks against U.S. businesses has coincided with Washington’s involvement in the Israel-Iran conflict. According to Radware’s Director of Threat Intelligence, Pascal Geenens, between June 21 and 22, 2025, hacktivist-led DDoS claims surged by 800%. This dramatic increase was paralleled by a 900% drop in ...
- FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector
June 28, 2025
The FBI and cybersecurity firms are warning that the prolific hacking group known as Scattered Spider is now targeting airlines and the transportation sector. In a brief statement on Friday shared with TechCrunch, the FBI said it had “recently observed” cyberattacks resembling Scattered Spider to include the airline sector. Executives from Google’s cybersecurity unit Mandiant and ...