TA505 Group Hides Malware in Legitimate Certificates

Data Breach Today

APT Group Targets Banks With Backdoor Malware to Penetrate Networks TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report

Groups 208

A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft.

Groups 198

Leak Exposes OilRig APT Group's Tools

Data Breach Today

Group, Apparently Backed By Iran, Was Broadening Its Targets, Analysts Say A set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has leaked online, exposing some of the organization's methods and goals, analysts say

Groups 197

Microsoft Takes Control of 99 Websites From APT Group

Data Breach Today

Phosphorus Group Waged Spear-Phishing Campaign, Company Reports Microsoft is using its legal muscle to push back against an advanced persistent threat group that is says is "widely associated with Iranian hackers."

Groups 246

'Sea Turtle' DNS Hijacking Group Conducts Espionage: Report

Data Breach Today

Cisco Talos Researchers Describe Group's Methods A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns.

Groups 225

Groups Offer Ideas for Improving Healthcare Cybersecurity

Data Breach Today

Mark Warner Several industry groups have offered suggestions - ranging from better cyber information sharing to new regulatory "safe harbors" for entities complying with best practices - in response to Sen. Recommendations Made in Response to Request by Sen.

Groups 160

Groups Ask FDA to Rethink Some Medical Device Cyber Proposals

Data Breach Today

But a variety of changes are needed, say some of the healthcare sector companies and groups that submitted feedback to the agency

Groups 224

Magecart Cybercrime Groups Harvest Payment Card Data

Data Breach Today

Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting

Groups 187

Secur Solutions Group data leak exposes 800,000 Singapore blood donors

Security Affairs

Secur Solutions Group data leak – Another clamorous data leak made the headlines, personal information of 808,201 blood donors in Singapore was exposed online. SecurityAffairs – Secur Solutions Group, data breach).

Magecart Cybercrime Groups Mass Harvest Payment Card Data

Data Breach Today

Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting

Groups 238

Russian APT groups target European governments ahead of May Elections

Security Affairs

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. According to experts from FireEye, Russia-linked APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) and Sandworm Team (also TeleBots ) cyberespionage groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. SecurityAffairs – Russian APT group, cyberespionage).

Nation-State and Crime Groups Keep Blending, Europol Warns

Data Breach Today

More Advanced Attack Tools Easier to Access, Europol's Steven Wilson Warns Distinguishing nation-state attacks from organized crime continues to grow more difficult because some attackers wear both hats, a Europol official reports.

Groups 198

Ransomware, Trojan and Miner together against “PIK-Group”

Security Affairs

Security expert Marco Ramilli analyzed a new piece of malware apparently designed to target PIK-Group that implements ransomware , Trojan, and Miner capabilities. which according to google translate would be: “PIK Group of Companies order details”. SecurityAffairs – PIK Group, hacking).

'Rex Mundi' Hacker Extortion Group: Busted

Data Breach Today

Seven Gang Members Arrested in France, Eighth Busted in Thailand, Police Say Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say.

Groups 161

The Radisson Hotel Group has suffered a data breach

Security Affairs

The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident has happened on September 11, but the IT staff at the Radisson Hotel Group identified it only on October first.

Groups 103

Lazarus Group Widens Tactics in Cryptocurrency Attacks

Threatpost

Cryptography Government Malware Web Security apt campaign Cryptocurrency Lazarus Group macos users North Korea South Korea widened tactics WindowsMacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea.

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Noose Tightens Around Dark Overlord Hacking Group

Data Breach Today

Serbia Makes Arrest; UK Close to Sentencing Another The noose appears to be tightening around the Dark Overlord, a group of international hackers who have stolen and held for ransom sensitive information from dozens of companies, healthcare organizations and U.S.

Groups 144

Symantec: 'Orangeworm' Group Hits Healthcare Organizations

Data Breach Today

Europe and Asia are getting hit with a backdoor that comes from a long-observed group, which Symantec calls Orangeworm. Custom Backdoor Lands on X-Ray and MRI Machines Large healthcare companies in the U.S.,

Groups 139

A Cyber Espionage Group Re-Emerges

Data Breach Today

A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye. FireEye Describes Campaign by Suspected Chinese Actors; Is Asia Next Target?

Groups 134

FIN6 group starts using LockerGoga and Ryuk Ransomware

Security Affairs

Security experts at FireEye observed the financially motivated group FIN6 adding the LockerGoga and Ryuk ransomware to its arsenal. According to cybersecurity experts at FireEye, the FIN6 cybercrime group is diversifying its activities and added LockerGoga and Ryuk ransomware to its arsenal.

GreyEnergy cyberespionage group targets Poland and Ukraine

Security Affairs

Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Experts from ESET speculate the BlackEnergy threat actor evolved into two separate APT groups, namely TeleBots and GreyEnergy.

Groups 105

Group-IB UncoversAPT- attacks on Banks: The Sound of Silence

Security Affairs

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group.

EU Mass Surveillance Alive and Well, Privacy Groups Warn

Data Breach Today

Groups 152

Iowa Health Group Data Breach Hits 1.4 Million Patients

Data Breach Today

UnityPoint Health Says Hackers' Likely Goal Was Business Email Compromise Fraud A large Midwestern health network says a successful phishing campaign exposed a raft of personal and medical data stored in its email systems. The count of affected victims numbers 1.4

Groups 188

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP.

Apple Disables Group FaceTime Following Major Privacy Glitch

Threatpost

Mobile Security Privacy apple FaceTime FaceTime groups iphone iPhone bug security flawThe bug allows iPhone users to FaceTime other iOS users and eavesdrop on their conversations - even when the other end of the line doesn't pick up.

Facebook Let Dozens of Cybercrime Groups Operate in Plain Sight

WIRED Threat Level

Researchers found 74 groups offering stolen credit cards and hacking tools with simple Facebook searches. Who needs the dark web? Security Security / Security News

Magecart Group Ups Ante: Now Goes After Admin Credentials

Threatpost

The group's skimmer has added some capabilities that steals credentials from admins. Uncategorized Vulnerabilities Web Security admin credentials data breach digital skimmer e-commerce group 11 magecart Magecart group Skimmer VisionDirect VisionDirect data breach

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Security Affairs

The popular US whistleblower Edward Snowden has reported the abuse of surveillance made by many governments, he blamed the Israeli company NSO Group for developing and selling surveillance software to Saudi Arabia. Speaking during a conference in Tel Aviv on Wednesday, Snowden explained that the spy software developed by NSO Group enabled the murder of dissident journalist Jamal Khashoggi, at a conference in Tel Aviv on Wednesday. Security Affairs – NSO Group, Khashoggi).

North Korea-linked group Lazarus targets Latin American banks

Security Affairs

According to security reearchers at Trend Micro, the North Korea-linked APT group Lazarus recently targeted banks in Latin America. The North Korea-linked APT group Lazarus recently targeted banks in Latin America, Trend Micro experts reported.

Groups 109

Whitefly espionage group was linked to SingHealth Singapore Healthcare Breach

Security Affairs

Security experts at Symantec linked the massive Singapore Healthcare breach suffered by SingHealth to the ‘Whitefly’ cyberespionage group. In 2018, the largest healthcare group in Singapore, SingHealth, has suffered a massive data breach that exposed personal information of 1.5

Cobalt Group Pushes Revamped ThreadKit Malware

Threatpost

Cryptography Hacks Malware Vulnerabilities cobalt group cobint CreateThread Eastern Europe Europol exploit kit Jackpotting JavaScript backdoor more_eggs PetrWrap ThreadKit ThreadKit Malware XOR routineThreat actors have updated their malware to include a macro-based delivery framework.

Magecart Threat Group Racks Up More Hack Victims

Threatpost

The threat group has racked up a list of victims including Feedify, Groopdealz and British Airways. Uncategorized breach British Airways digital card skimmer Feedify hack magecart Magecart group

Facebook Boots 74 Cybercrime Groups From Platform

Threatpost

The 74 cybercrime groups were offering illicit services - from email spamming tools to stolen credentials - right on Facebook's platform. Facebook Hacks Credential Theft cybercriminal facebook security Stolen Credentials stolen payment card

IATA Passenger Experience and Baggage Working Group

RFID Global Solution, Inc.

The post IATA Passenger Experience and Baggage Working Group appeared first on RFID Global Solution. In Rio de Janeiro, May 6-9, 2019. Events baggage tracking IATA rfid

CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups

Security Affairs

One of the zero-day flaws ( CVE-2019-0797 ) patched this week by Microsoft has been exploited in targeted attacks by several threats groups, including FruityArmor and SandCat APT groups.

Groups 106

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. According to the experts, the campaign is carried out, with “moderate confidence,” by APT groups linked to the Iranian Government.

RiskIQ: British Airways Breach Ties to Cybercrime Group

Data Breach Today

Magecart Gang Tweaked Script on BA's Server to Scrape Card Data, Researchers Say The British Airways breach, in which up to 380,000 website and mobile users' payment card details were stolen, traces to card-scraping code injected into a script on the airline's website by the cybercrime group called Magecart, says security firm RiskIQ

Groups 100

Analyzing the evolution of MageCart cybercrime groups’ TTPs

Security Affairs

Researchers from RiskIQ and FlashPoint analyzed the evolution of Magecart groups, in particular of a gang tracked as Group 4 that appears to be very sophisticated. Security firms have monitored the activities of a dozen Magecart groups at least since 2015. According to a joint report published by RiskIQ and FlashPoint, s ome groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated.