{"id":28769,"date":"2019-07-12T09:04:04","date_gmt":"2019-07-12T15:04:04","guid":{"rendered":"https://www.webroot.com/blog/?p=28769"},"modified":"2019-07-12T09:38:50","modified_gmt":"2019-07-12T15:38:50","slug":"cyber-news-rundown-major-spike-in-magecart-attacks","status":"publish","type":"post","link":"https://www.webroot.com/blog/2019\/07\/12\/cyber-news-rundown-major-spike-in-magecart-attacks\/","title":{"rendered":"Cyber News Rundown: Major Spike in Magecart Attacks"},"content":{"rendered":"\n<h2>Magecart Attacks See Spike in Automation<\/h2>\n\n\n\n<p>The latest attack in the long string of <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/magecart-blitz-stuns-962-ecommerce\/\">Magecart\nbreaches<\/a> has apparently affected over 900 e-commerce sites in under 24\nhours. This increase over the previous attack, which affected 700 sites, suggests\nthat its authors are working on improving the automation of these information-stealing\nattacks. The results of these types of attacks can be seen in the latest major\nfines being issued under GDPR, including one to Marriott for $123 million and\nanother to British Airways for a whopping $230.5 million. <\/p>\n\n\n\n<h2>Agent Smith Android Malvertiser Spotted<\/h2>\n\n\n\n<p>Researchers have been tracking the resurgence of an <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/25-million-android-devices-infected-by-agent-smith-malware\/\">Android-based\nmalware campaign<\/a> that disguises itself as any number of legitimate\napplications to deliver spam advertisements. After being installed from a\nthird-party app store, the malware checks both a hardcoded list and the command-and-control\nserver for available apps to swap out for malicious copies, without alerting\nthe device owner. The majority of targeted devices have been located in southwestern\nAsia, with other attacks showing up in both Europe and North America.<\/p>\n\n\n\n<h2>Third Florida City Faces Ransomware Attack<\/h2>\n\n\n\n<p>Almost exactly one month after the <a href=\"https:\/\/arstechnica.com\/information-technology\/2019\/06\/is-there-something-in-the-water-third-florida-city-hit-by-ransomware\/\">ransomware\nattack<\/a> on Lake City, Florida, a third Florida city is being faced a hefty\nBitcoin ransom to restore their systems after discovering a variant of the Ryuk\nransomware. Similar to the prior two attacks, this one began with an employee\nopening a malicious link from an email, allowing the malware to spread through connected\nsystems. It is still unclear if the city will follow the others and pay the ransom.\n<\/p>\n\n\n\n<h2>British Airways Receives Record GDPR Fine<\/h2>\n\n\n\n<p>Following a data breach last year that affected over 500,000\ncustomers, British Airways has been hit with a total fine amount of <a href=\"https:\/\/threatpost.com\/post-data-breach-british-airways-slapped-with-record-230m-fine\/146272\/\">$230.5\nmillion<\/a>. The amount is being seen as a warning to other companies regarding\nthe severity of not keeping customer data safe, though it\u2019s still much less\nthan the maximum fine amount of up to 4% of the company\u2019s annual turnover.<\/p>\n\n\n\n<h2>Georgia Court System Narrowly Avoids Ransomware Attack<\/h2>\n\n\n\n<p>Thanks to the quick work of the IT team from <a href=\"https:\/\/arstechnica.com\/information-technology\/2019\/07\/georgia-courts-systems-recovering-from-apparent-ryuk-ransomware\/\">Georgia\u2019s\nAdministrative Office of the Courts (AOC)<\/a>, a ransomware attack that hit\ntheir systems was swiftly isolated, leading to minimal damage. Even more\nfortunate for the AOC, the only server that was affected was an applications\nserver used by some courts but which shouldn\u2019t disrupt normal court\nproceedings. Just days after the initial attack, the IT teams (aided by\nmultiple law enforcement agencies) were already in the process of returning to\nnormal operations without paying a ransom. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Magecart Attacks See Spike in Automation The latest attack in the long string of Magecart breaches has apparently affected over 900 e-commerce sites in under 24 hours. This increase over the previous attack, which affected 700 sites, suggests that its authors are working on improving the automation of these information-stealing attacks. The results of these [&hellip;]<\/p>\n","protected":false},"author":47,"featured_media":28771,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[21936,21940,21943,21944],"yst_prominent_words":[3873,11841,22201,3563,3565,12335,12331,19613,23845,24747,24751,24745,3477,5423,3937,5103,4397,5003,24749,24743],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/28769"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/47"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=28769"}],"version-history":[{"count":2,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/28769\/revisions"}],"predecessor-version":[{"id":28775,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/28769\/revisions\/28775"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/28771"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=28769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=28769"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=28769"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=28769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}