Security Spotlight: Navigating the Cybersecurity Landscape and Illuminating the Dark Corners of the Web

WME Cybersecurity Briefings No. 005

E-Commerce Security Alert: Unveiling Magecart’s Persistent Backdoor


Malicious activities by Magecart attackers have been reported. They are targeting Shopify’s content delivery network (CDN) by creating fake Shopify stores. The backdoor method has enabled them to intercept payment details from thousands of victims.


  • Utilizing Shopify and Cloudflare CDN lends an unwarranted layer of trust to the fake checkout forms.
  • The backdoor potentially affects thousands of users worldwide.
  • The ability to manipulate Shopify’s CDN highlights high technical sophistication.
  • This maneuver illustrates Magecart’s evolving tactics or credit card skimming operations.


It’s essential for e-com platforms and their users to adopt stringent security measures:

  • Continuous Monitoring
  • Vendor Verification
  • Enhanced User Awareness
  • And Others

Cyber Assault on Albania’s Digital Gateway


Albania faced a “wide and complex” cyberattack targeting govt. infrastructure and public online services. The incident marked a huge disruption, precisely mirroring tactics used in other EU countries.


  • The attack initially manifested itself as ransomware and spanned several days.
  • Hackers used the same methodologies observed in Belgium, Germany, Lithuania, Malta, the Netherlands, and Ukraine.
  • Despite the attack’s severity, rapid response and detection mechanisms ensured the integrity of systems and prevented data loss.


For entities facing similar threats:

  • Implement robust detection & response systems.
  • Regularly patch systems.
  • Collaborate with cybersecurity experts.

Rising Threat: JSOutProx Malware Wave Hits Hard


JSOutProx is a sophisticated malware campaign, targeting a broad spectrum of victims. This wave signifies a notable escalation in cyber threats as these threat actors leverage advanced tactics to compromise systems.


  • Widespread Targets: JSOutProx exhibits a global threat footprint, indiscriminately targeting organizations across industries.
  • Advanced Techniques: They use state-of-the-art evasion and propagation methods. JSOutProx can bypass any traditional security measures.
  • Significant Consequences: The potential impacts include data theft, system compromise, and financial loss, among others.


  • We urge organizations to review their cybersecurity posture. Educate staff on the importance of vigilance, particularly regarding phishing attempts. That said, you are advised to utilize advanced security tools like antivirus solutions and behavior analysis tools.

Expansive Cyber Espionage Efforts Linked to China


Recent investigations uncover extensive cyber espionage activities orchestrated by China-linked groups. They’ve been targeting sectors across 17 nations for over three years. The operations are aiming to steal intellectual property and sensitive govt. and military info.


  • Global Reach: Attacks span Asia, Europe, and North America, affecting academia, aerospace, government, and research sectors.
  • Sophisticated Tactics: Advanced malware and social engineering to infiltrate systems.
  • Strategic Targets: Emphasis on govt. targets for intelligence gathering and economic espionage.


To mitigate risks, organizations should enhance detection and response capabilities. Train staff on responding to social engineering attacks. That said, collaborate with international cybersecurity communities for timely threat intelligence sharing

Critical Vulnerability Alert for Cisco Small Business Routers



Cisco’s Small Business Routers identified a series of critical vulnerabilities, specifically impacting models RV110W, RV130, RV130W, and RV215W. The flaws, if exploited, could enable remote attackers to gain full control of the affected devices. They could execute arbitrary code with root privileges.



The identified vulnerabilities pose a big risk:

CVE-2020-3330: Allows full device control using a static password.

CVE-2020-3323: Enables arbitrary code execution through HTTP requests.

CVE-2020-3144: Permits bypassing of authentication for admin privileges.


Cisco has released patches for the affected devices. They have advised users to apply these updates to protect their networks. If your devices have reached end-of-life and are unable to be patched, consider replacing them.

University of Cambridge Medical School Systems Disrupted


The University of Cambridge experiences a cybersecurity incident affecting its Medical School’s computing services. This incident was identified last month, and so far, has led to huge disruptions in IT services. It’s affecting several departments linked to the Clinical School Computing Service (CSCS). A Critical Incident Management Team is managing the response, and the university is implementing business continuity plans to minimize disruption.


The situation is a critical reminder of the vulnerabilities present in digital infrastructure, particularly in prestigious research institutions. It highlights the importance of cybersecurity vigilance and the swift action required to mitigate such threats.

  • The attack targeted IT services provided by CSCS, leading to a forced shutdown of critical systems to contain the breach.
  • Notable disruptions to the work and documents of staff/students, impacting over 5,800 devices.
  • The Zoology Department, Sainsbury Laboratory, Stem Cell Institute, and Milner Institute faced disruptions.
  • The university has taken immediate measures to contain the incident, with some services still offline.


  • Staff/students should follow best security practices i.e. MFA, strong passwords, etc.
  • Immediate password changes are advised if unauthorized access is detected.

Windows Management Experts

Now A Microsoft Solutions Partner for:  

  • Data & AI
  • Digital and App Innovation
  • Infrastructure
  • Security

The Solutions Partner badge highlights WME’s excellence and commitment. Microsoft’s thorough evaluation ensures we’re skilled, deliver successful projects, and prioritize security over everything. This positions WME in a global tech community, ready to innovate on the cloud for your evolving business needs.

Microsoft Solutions Partner Logos - Data & AI PNG
Microsoft Solutions Partner Logos - Digital & App Innovation PNG
Microsoft Solutions Partner Logos - Infrastructure PNG
Microsoft Solutions Partner Logos - Security PNG

Why not reach out to us at WME?

Contact us and let us transform your business’s security into a strategic advantage for your business. Be sure, with WME, you’re just beginning a path toward a more streamlined and secure future.

501 Cambria Ave. STE #384,
Bensalem, PA 19020

Phone: (888) 307-0133
Press 1 at the Menu

WME Cybersecurity Briefings

Footer - 2023-11-07
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.