In late May 2024, Unit 42 researchers observed an adversary compromising multiple web servers to gain access to the environment of a multinational organization headquartered in North America.
Based on overlaps in adversary infrastructure and tools, as well as tactics, techniques and procedures (TTPs), it’s possible to attribute the activity identified to the same threat actor behind the Silent Skimmer campaign. In September 2023, an online payment scraping campaign was uncovered and dubbed Silent Skimmer. Since then, there has been little to no news of Silent Skimmer – until now.
Read more…
Source: Palo Alto Unit 42
Related:
- Court-Authorized Operation Disrupts Worldwide Botnet Used by People’s Republic of China State-Sponsored Hackers
September 18, 2024
The Justice Department today announced a court-authorized law enforcement operation that disrupted a botnet consisting of more than 200,000 consumer devices in the United States and worldwide. As described in court documents unsealed in the Western District of Pennsylvania, the botnet devices were infected by People’s Republic of China (PRC) state-sponsored hackers working for Integrity ...
- Lebanon: Nine killed, 300 wounded in a new wave of explosions across the country
September 18, 2024
At least nine people have been killed and 300 were wounded in Lebanon in a new wave of blasts related to communication devices, the Health Ministry has said, a day after thousands of pagers used by Hezbollah detonated across the country. Multiple explosions were reported across Lebanon on Wednesday, with state-run National News Agency saying that ...
- iPadOS 18 is bricking some iPad Pro 2024 units, leading Apple to pull the update
September 18, 2024
iPadOS 18 recently landed alongside iOS 18, adding all sorts of tweaks, improvements, and new features to Apple’s tablets, but if you have one of Apple’s latest iPads, you won’t be able to download it right now. Initially, iPadOS 18 was available for the iPad Pro 11-inch (2024) and the iPad Pro 13-inch (2024), but ...
- Almost 500GB of data allegedly leaked in RansomHub attack on Kawasaki
September 18, 2024
Kawasaki Motors Europe (KME) recently released a statement confirming it was the victim of a cyber attack. The attack caused significant service disruptions as the cybercriminals threatened to release stolen data. KME confirmed, “At the start of September, Kawasaki Motors Europe (KME) was the subject of a cyberattack which, although not successful, resulted in the company’s ...
- Nine killed, 2,750 wounded across Lebanon as Hezbollah pagers explode
September 17, 2024
At least nine people were killed and about 2,750 were wounded by exploding handheld pagers across Lebanon, the country’s health minister has said. Firass Abiad said that an eight-year-old girl was among those killed and that more than 200 people are in critical condition after the communication devices exploded on Tuesday, with injuries mostly reported to ...
- Cyber threats continue to plague Philippine financial institutions
September 17, 2024
The financial industry remains a prime target for cyberattacks, despite the Bangko Sentral ng Pilipinas’ (BSP) new framework to enhance cyber resilience, a global cybersecurity and digital privacy company has warned. Kaspersky, a cybersecurity firm, reported that the finance sector experiences the highest losses due to online fraud, as scammers increasingly exploit customer data for account ...