17Apr-25
Inside the Attack: The Javascript Code Behind Credit Card Theft
Introduction
This paper will describe the analysis of a JavaScript script found during the activities of the Incident Response Team. The script found turned out to be designed to steal credit card data to exfiltrate sensitive information during online transactions on an e-commerce site. The script was later found to be connected to a type of attack known as “web skimming”...
13Feb-25
The rise of Savastan0: a look into a growing carding marketplace
Introduction
Carding is a sort of fraud in which unauthorized individuals, referred to as "carders," utilize stolen payment card information for their own benefit. This can involve not only making unlawful withdrawals and transactions, but also selling card information to other criminals in order to make money. First of all, it is useful giving a look to carding main terminology: Fullz: it...
20Jan-25
Zyxel vulnerability exploited by “Helldown” ransomware group
Introduction
As Yarix's Incident Response Team, our responsibilities are to manage critical issues related to cyber-attacks carried out by cybercriminals, intervening promptly in order to guarantee security to victim companies and to minimize latent risks, analyzing the systems within their infrastructures and indicating precise remediation actions capable of re-establishing a state of security sufficient for normal operational recovery. In the course of...
5Dec-24