Magecart hits again, leveraging compromised sites and newly registered domains

During alert monitoring, ThreatLabZ researchers came across multiple cases of shopping sites being compromised and injected with a skimming script. This injected script looks for the payment method and personally identifiable information ...
What's Falling Out of Your Wallet: S3 Bucket Vulnerabilities & the CapitalOne Breach

IAM Root: AWS IAM Simulator Tutorial

If you needed yet another reason to be paranoid about your personal information being exposed, the recent Capital One breach should be sufficient nightmare fuel for you. This is even more supporting ...

Magecart activity and campaign enhancements

Magecart is a hacker group known for skimming credit or debit card details by injecting malicious JavaScript code into e-commerce sites. Back in September 2018, the Zscaler ThreatLabZ research team published a ...

Malicious JavaScript injected into WordPress sites using the latest plugin vulnerability

WordPress is by far the most popular content management system (CMS) and, because of its wide usage, it is also popular among cybercriminals. Most of the WordPress sites that have been compromised ...

Abuse of hidden “well-known” directory in HTTPS sites

WordPress and Joomla are among the most popular Content Management Systems (CMSs). They have also become popular for malicious actors, as cybercriminals target sites on these platforms for hacking and injecting malicious ...
Alert Service Compromised to Send Out Spam Message

Alert Service Compromised to Send Out Spam Message

An unknown individual compromised an alert service and abused their access to send out a spam message to some of the service’s customers. The Queenland Early Warning Network (EWN) alert service disclosed ...

Black Friday & Cyber Monday Deals: Phishing and Site Skimmers

It’s that time of year again! The most glorious of shopping seasons has arrived, and users have commenced their annual tradition of flooding e-stores in search of the best deals that their ...

Magecart campaign remains active

| | Compromise, Malware
The Zscaler ThreatLabZ team has been tracking the Magecart campaign for several months. Magecart is a notorious hacker group that has been responsible for large attacks on the e-commerce sites of well-known ...

Spam campaigns leveraging .tk domains

For the last couple quarters, the Zscaler ThreatLabZ research team has been closely monitoring services that provide free domain names. We’ve identified a campaign utilizing '.tk' TLD (top level domain) domains that ...
Red Hen website suffers SEO spam compromise

Red Hen website suffers SEO spam compromise

A website belonging to an eatery currently making waves in the news has been compromised with SEO spam. We take a look at what's happened, and explain what the hackers are up ...
Loading...