Magecart Attackers Save Stolen Credit-Card Data in .JPG File
Magecart attackers have found a new way to hide their nefarious online activity by saving data they’ve skimmed from credit cards online into a fake .JPG file on a website they’ve injected with malicious code.
RMIT attack underlines need to train all staff in cyber safety
The start of the first semester at RMIT has been interrupted by the latest cyberattack on an Australian university. The alleged phishing assault – which involves tricking the receiver of an email or other
message into allowing the perpetrator access to the IT infrastructure – emphasises the importance of cybersecurity awareness training for all employees.
Almost half of Australia’s top twenty universities appear to have had no set protection in place against hackers trying to trick their staff and students to take over their computer system for malicious use.
FBI warns of the PYSA ransomware operators targeting US & UK Education Sector in an extortion
Cybercriminals have recently targeted K-12 schools and colleges with PYSA ransomware, using stolen
files to secure ransom payments. The Federal Bureau of Investigations (FBI) released a 'flash warning'
earlier this week, noting that the malicious campaign has already infected the twelve US States and the United Kingdom.
PYSA/Mespinoza can obtain access to victims' networks through phishing campaigns or brute-forced Remote Desktop Protocol (RDP) credentials.
The threat-actors behind this ransomware were also found to perform network reconnaissance using
open-source software like Advanced Port Scanner and Advanced IP Scanner before installing and
detonating the ransomware payload. They also mount other software to elevate rights and transfer
laterally, such as Mimikatz, Koadic, and PowerShell Empire. The ransomware was already spotted on the dark web in 2019, which was initially used to target prominent corporations.