Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Navigation:   Red Security General News News Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

News 

Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

0 Replies, 1588 Views

Mr.Kurd

   07-08-2020, 10:13 AM
::1 Try me
Administrators
#1
Big Grin 
In The Name OF Allah
Al-Salam Alekum

[Image: POS-malware.jpeg]

Good Big Grin 

Quote:A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.


Researchers have identified a credit-card skimming campaign that’s been active since mid-April that has a rather specific and unusual target: ASP.NET-based websites running on Microsoft Internet Information Services (IIS) servers.

New research from Malwarebytes Labs recently uncovered the campaign, which already has compromised at least a dozen websites that range from sports organizations, health and community associations, and a credit union — all via a malicious code injected into existing JavaScript libraries on each of the sites.

The campaign seems to be exploiting an older version of ASP.NET, version 4.0.30319, which is no longer officially supported and contains multiple vulnerabilities, according to the report by Malwarebytes director of threat research Jerome Segura.



The Soruce
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy

Messages In This Thread
Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites - by Mr.Kurd - 07-08-2020, 10:13 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug News 0 1,818 11-07-2020, 04:13 PM
Last Post: News
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 1,784 11-06-2020, 04:22 AM
Last Post: News
Star News OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks News 1 2,460 10-01-2020, 06:40 PM
Last Post: Mr.Kurd
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 1,533 09-18-2020, 08:12 AM
Last Post: News
Star News Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws News 0 1,555 09-02-2020, 02:17 PM
Last Post: News
Star News Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform News 0 1,545 08-26-2020, 03:41 AM
Last Post: News
Star News Microsoft Edge Now Alerts Users Of Breached Passwords Mr.Kurd 0 2,363 04-03-2020, 08:09 AM
Last Post: Mr.Kurd
Rainbow News Vulnerability In WPvivid Backup Plugin Could Expose Files Of WordPress Sites Mr.Kurd 0 1,651 04-01-2020, 11:11 AM
Last Post: Mr.Kurd
Rainbow News Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi Mr.Kurd 0 1,668 03-26-2020, 09:03 AM
Last Post: Mr.Kurd
Exclamation News Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn Mr.Kurd 0 1,972 03-24-2020, 07:56 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)