Media and Entertainment
ABS-CBN Sites Compromised By MageCart Skimmer, China Arrests Suspect For Huazhu Group Data Breach
18 - 25 September 2018
ABS-CBN, one of the largest media and entertainment groups in the Philippines, took down two of its online shopping sites last week after they were found infected by the MageCart skimmer.

ABS-CBN, one of the largest media and entertainment groups in the Philippines, took down two of its online shopping sites last week after they were found infected by the MageCart skimmer. The payment skimmer had been installed on the sites since August and the personal and payment data of more than 200 customers were sent to Russian servers. The skimmer has been used by MageCart, a threat actor active since 2015, to siphon payment card information using malicious scripts. Other former victims of MageCart skimmer infection include the British Airways, TicketMaster and Feedify.
n addition, China has arrested a 30-year-old suspect on suspicion of hacking and siphoning customer data from hotels under Huazhu Group and attempting to sell it on overseas websites. Huazhu Group, one of China’s largest hoteliers, had made a police report in August after confidential information like guest membership information, personal IDs, email addresses, and check-in records were being sold online. Investigations are ongoing.
References:
[1] ABS-CBN sites hacked; customer data stolen
[2] China arrests suspect for customer data leak at hotel operator Huazhu
n addition, China has arrested a 30-year-old suspect on suspicion of hacking and siphoning customer data from hotels under Huazhu Group and attempting to sell it on overseas websites. Huazhu Group, one of China’s largest hoteliers, had made a police report in August after confidential information like guest membership information, personal IDs, email addresses, and check-in records were being sold online. Investigations are ongoing.
References:
[1] ABS-CBN sites hacked; customer data stolen
[2] China arrests suspect for customer data leak at hotel operator Huazhu
More Weekly Cyber Newsanalysis and insights

Weekly Comments
MageCart skimmer attacks continue to be in the limelight this week. Online tech retailer Newegg and ABS-CBN, one of the largest media and entertainment groups in the Philippines, are the latest MageCart victims after attackers injected the skimmer on their websites to pilfer credit card details.

Financial Aid Office of U.S. Department of Education Hit By Phishing Attack
The U.S. Department of Education’s financial aid office was hit by a phishing campaign that attempted to obtain access to student accounts at several colleges.

KrisFlyer Air Miles Sold in Dark Web Marketplaces, Chinese Police Arrest 21 Over Data Theft at Alibaba’s Delivery Arm
Comparitech, a UK tech research company, found several dark web marketplaces peddling frequent flyer miles from airline reward programmes, including Kris Flyer, Delta SkyMiles, and British Airways.

Suspected Pegasus Spyware Infection Found in Singapore, ICA Warns of Fake Visa Application Site
Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore.

Fake Bitcoin Sites Use Names of Singapore Leaders to Solicit Investments, Japan’s Cryptocurrency Exchange Loses US$62 Million In Hack
The Monetary Authority of Singapore (MAS) found three fake bitcoin sites that were using the names of Singapore leaders–Prime Minister Lee Hsien Loong and Deputy Prime Minister Tharman Shanmugaratnam–to solicit investments.

SingHealth Cyber Attacker Entered Network In August Last Year, TheDarkOverLord Resurfaces With Stolen Patient Records
Further investigation into the cyberattack on SingHealth, which compromised the personal and health data of 1.5 million patients, showed that the attacker had entered the healthcare group’s network as early as August last year by infecting workstations with malware.
Ensign Consulting
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services
Ensign Labs
Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence