all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Behind the Google shopping ad masks. [Research Saturday]

Add to bookmarks
Sept. 23, 2023, 7 a.m. | N2K Networks

CyberWire Daily thecyberwire.com

Maxim Zavodchik from Akamai joins Dave to discuss their research on "Xurum: New Magento Campaign Discovered." Akamai researchers have discovered an ongoing server-side template injection campaign that is exploiting digital commerce websites. This campaign targets Magento 2 shops, and was dubbed Xurum in reference to the domain name of the attacker’s command and control (C2) server. 
The research states "The attacker uses an advanced web shell named “wso-ng” that is activated only when the attacker sends the cookie “magemojo000” to …

akamai attacker campaign command commerce dave digital discuss domain domain name exploiting google injection magento masks name reference research researchers server shopping template template injection websites xurum

Visit resource

More from thecyberwire.com / CyberWire Daily

Retirement plan breach shakes financial giant. 22 hours ago | thecyberwire.com
biden breach called cornell +24
Ransomware is just a prescription for chaos. 1 day, 22 hours ago | thecyberwire.com
addresses benefits breach carriers +27
An unprecedented surge in credential stuffing. 2 days, 22 hours ago | thecyberwire.com
as-a-service bank botnet ceo +33
Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes] 4 days, 12 hours ago | thecyberwire.com
career computer darknet darknet diaries +19
Cerber ransomware strikes Linux. [Research Saturday] 5 days, 12 hours ago | thecyberwire.com
application cado security cerber cerber ransomware +16
Kaiser Permanente's privacy predicament. 5 days, 22 hours ago | thecyberwire.com
breaches cisa cobalt cobalt strike +35
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] 6 days, 14 hours ago | thecyberwire.com
center changing conversation cyber +17
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] 6 days, 14 hours ago | thecyberwire.com
center changing conversation cyber +17
The shadowy adversary in Cisco's crosshairs. 6 days, 22 hours ago | thecyberwire.com
adaptive security adversary amazon amazon ring +35

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

DevSecOps Engineer

@ LinQuest | Beavercreek, Ohio, United States
View on infosec-jobs.com

Senior Developer, Vulnerability Collections (Contractor)

@ SecurityScorecard | Remote (Turkey or Latin America)
View on infosec-jobs.com

Cyber Security Intern 03416 NWSOL

@ North Wind Group | RICHLAND, WA
View on infosec-jobs.com

Senior Cybersecurity Process Engineer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Sr. Manager, Cybersecurity and Info Security

@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US
View on infosec-jobs.com
View more jobs