Rewterz

Rewterz Threat Alert – A New Class of Bugs Affecting Windows and its Drivers

March 21, 2019
Rewterz

Rewterz Threat Advisory – Oracle Solaris Multiple Third Party Components Multiple Vulnerabilities

March 22, 2019

Rewterz Threat Alert – Two new Magecart Data Breaches – IoCs

Severity

Medium

Analysis Summary

Two Magecart-related breaches have been observed involving credit card fraud. One of these has been resolved but was never disclosed while the other is still in process.

In both cases, the potential victims of credit card fraud, the consumers, have not been informed.

Impact

Credit card fraud

Indicators of Compromise

IP(s) / Hostname(s) secure[.]livechatinc[.]org
www[.]cdnmage[.]com
www[.]js-cloud[.]com
www[.]magescripts[.]pw
URLs cdnassels[.]com
cdnmage[.]com
cmytuok[.]top
configsysrc[.]info
hxxp[:]//magescripts[.]pw/ext-payment[.]js
hxxps[:]//mypiltow[.]com/js/mage/bundle[.]js
hxxps[:]//secure[.]livechatinc[.]org/license/9655505/v2/get_dynamic_config[.]js
js-cloud[.]com
magejavascripts[.]com
magescripts[.]pw
magesecuritys[.]com
mcloudjs[.]com
mypiltow[.]com

Remediation

Block the threat indicators at their respective controls..

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.