Recently, The American Cancer Society's online store was hacked. According to this article https://www.pymnts.com/news/security-and-risk/2019/malicious-malware-detected-on-american-cancer-society-ecomm-site/ the online store was infected with malware that was buried deep in the website's code that was meant to look like analytics code, but was actually malicious code intended to "scrape credit card numbers for sale on the dark web or other malicious activities." The group behind the attack is known as Magecart, and has carried out similar attacks in the past on other companies like Newegg and British Airways. They are based out of Russia, and the domain used is registered in Moscow. The code has since been removed, but it is recommended that anyone who has recently used the American Cancer Society's online store should contact their payments provider and take necessary actions to safeguard their finances. It is not yet known how the attack was carried out, as it is still undergoing investigation.

A mechanical keylogger for typewriters was used by the soviets on IBM typewriters!  Great bit of history and engineering.

https://arstechnica.com/information-technology/2015/10/how-soviets-used-ibm-selectric-keyloggers-to-spy-on-us-diplomats/

QNAP NAS devices in Germany getting infected by malware named "Qsnatch".
The malware strain was spotted by researchers at the National Cyber Security Centre in Finland, after receiving reports from the "Autoreporter Service" of infected NAS devices trying to communicate with the C2 server.
"QSnatch" gets its name based on targeting QNAP Devices and snatching information.
The malware injects itself into QNAP's devices firmware and then proceeds to steal credentials as well as load malicious code from the C2 server, Roughly infecting 7,000 NAS devices.

After the malware already being injected, The device is compromised and will attempt to download a payload from the C2 server and all its information will be sent back to the C2 server as well as preventing the "Malware Remover App" from running throughout the process.

- Victor Trujillo

https://www.bleepingcomputer.com/news/security/qsnatch-malware-infects-thousands-of-nas-devices-steals-credentials/
 

This is a recent article discussing Amazon's continuing battle against phishing. The most recent hacking attempts have seen the use of 16Shop, malware that has been previously used against mac users. The phishing kit unleashes over 200 URLs that take users to a rather convincing fake website where they unwittingly input private data. These can be difficult to combat because as some fake URLs are taken down, more keep popping up. 

Derek D
https://www.scmagazineuk.com/shoppers-warned-fake-amazon-website-prime-day-2019-starts/article/1590972