Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Magecart Cybercrime Groups Harvest Payment Card Data

Data Breach Today

Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting

Magecart Cybercrime Groups Mass Harvest Payment Card Data

Data Breach Today

Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting

The Radisson Hotel Group has suffered a data breach

Security Affairs

The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident happened on September 11, but the IT staff at the Radisson Hotel Group identified it only on October first.

'Rex Mundi' Hacker Extortion Group: Busted

Data Breach Today

Seven Gang Members Arrested in France, Eighth Busted in Thailand, Police Say

Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say.

Noose Tightens Around Dark Overlord Hacking Group

Data Breach Today

Serbia Makes Arrest; UK Close to Sentencing Another

The noose appears to be tightening around the Dark Overlord, a group of international hackers who have stolen and held for ransom sensitive information from dozens of companies, healthcare organizations and U.S.

Apple Disables Group FaceTime Following Major Privacy Glitch

Threatpost

The bug allows iPhone users to FaceTime other iOS users and eavesdrop on their conversations - even when the other end of the line doesn't pick up.

GreyEnergy cyberespionage group targets Poland and Ukraine

Security Affairs

Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Experts from ESET speculate the BlackEnergy threat actor evolved into two separate APT groups, namely TeleBots and GreyEnergy.

A Cyber Espionage Group Re-Emerges

Data Breach Today

FireEye Describes Campaign by Suspected Chinese Actors; Is Asia Next Target?

A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye.

Group-IB Uncovers APT-attacks on Banks: The Sound of Silence

Security Affairs

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group.

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Security Affairs

The popular US whistleblower Edward Snowden has reported the abuse of surveillance by many governments; he blamed the Israeli company NSO Group for developing and selling surveillance software to Saudi Arabia. Speaking during a conference in Tel Aviv on Wednesday, Snowden explained that the spy software developed by NSO Group enabled the murder of dissident journalist Jamal Khashoggi.

Magecart Group Ups Ante: Now Goes After Admin Credentials

Threatpost

The group's skimmer has added some capabilities that steal credentials from admins.

Iowa Health Group Data Breach Hits 1.4 Million Patients

Data Breach Today

UnityPoint Health Says Hackers' Likely Goal Was Business Email Compromise Fraud

A large Midwestern health network says a successful phishing campaign exposed a raft of personal and medical data stored in its email systems. The count of affected victims numbers 1.4

EU Mass Surveillance Alive and Well, Privacy Groups Warn

Data Breach Today

North Korea-linked group Lazarus targets Latin American banks

Security Affairs

According to security researchers at Trend Micro, the North Korea-linked APT group Lazarus recently targeted banks in Latin America. The North Korea-linked APT group Lazarus recently targeted banks in Latin America, Trend Micro experts reported.

Cobalt Group Pushes Revamped ThreadKit Malware

Threatpost

Threat actors have updated their malware to include a macro-based delivery framework.

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders.

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

Security experts uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspect Iranian APT groups. According to the experts, the campaign is carried out, with “moderate confidence,” by APT groups linked to the Iranian Government.

Magecart Threat Group Racks Up More Hack Victims

Threatpost

The threat group has racked up a list of victims including Feedify, Groopdealz and British Airways.

Group-IB helped to arrest phone scammers profiting off the backs of the Russian elderly

Security Affairs

Moscow police department operatives, with the participation of Group-IB experts, took down a group of phone scammers who for several years have been extorting money from the elderly.

Creating data governance committees, forums and working groups

Information Management Resources

You may have a data governance forum, data steering group, or something similar. Whatever you call it is not important; it’s who sits on it and what it does that is.

Iran-Linked APT39 group use off-the-shelf tools to steal data

Security Affairs

An Iran-linked cyber-espionage group tracked as APT39 is carrying out a widespread campaign using a broad range of custom and off-the-shelf tools. The APT39 cyberespionage group is carrying out a widespread campaign using a broad range of custom and off-the-shelf tools.

North Korea's Lazarus Group Targets Russian Companies For First Time

Dark Reading

In an unusual development, the group known for its attacks against companies in countries viewed as geopolitical foes is now going after companies in a country considered an ally, Check Point Software says

Recent Andariel Group ActiveX Attacks Point to Future Targets

Threatpost

Changes in the group's script may indicate that the hackers may start using attack vectors other than ActiveX.

RiskIQ: British Airways Breach Ties to Cybercrime Group

Data Breach Today

Magecart Gang Tweaked Script on BA's Server to Scrape Card Data, Researchers Say

The British Airways breach, in which up to 380,000 website and mobile users' payment card details were stolen, traces to card-scraping code injected into a script on the airline's website by the cybercrime group called Magecart, says security firm RiskIQ

MoneyTaker hacking group stole 1 million US dollars from Russian PIR Bank

Security Affairs

The cybersecurity firm Group-IB is involved in the incident response to an attack on the Russian PIR Bank conducted by the MoneyTaker hacking group. The bank hired Group-IB in order to respond to the incident and limit the damages.

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape.

Apple Patches Group FaceTime Flaw

Dark Reading

Teenaged Fortnite player gets credit for finding the bug

Cybercrime Groups and Nation-State Attackers Blur Together

Data Breach Today

North Korean Hackers are 'Rational Actors,' Ex-Intelligence Chief Warns

"This is not a crazy state; this is a rational state pursuing rational objectives."

Leafminer cyber espionage group targets Middle East

Security Affairs

Hackers belonging to an Iran-linked APT group tracked as ‘Leafminer’ have targeted government and various organizations in the Middle East. An Iran-linked APT group tracked as ‘Leafminer’ has targeted government and businesses in the Middle.

Magecart Group Targets Shopper Approved in Latest Attack

Threatpost

The breach also impacted hundreds of Shopper Approved's customers.

Public Google Groups Leaking Sensitive Data at Thousands of Orgs

Threatpost

The exposed information includes accounts payable and invoice data, customer support emails, password-recovery mails, links to employee manuals, staffing schedules and other internal resources.

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

The TA505 group was first spotted by Proofpoint back in 2017; it has been active at least since 2015 and targets organizations in financial and retail industries.

New Threat Group Conducts Malwareless Cyber Espionage

Dark Reading

Gallmaker group is relying exclusively on legitimate tools and living-off-the-land tactics to make detection very difficult

Seedworm APT Group targeted more than 130 victims in 30 organizations since Sept

Security Affairs

The Seedworm APT Group has targeted more than 130 victims in 30 organizations since September including NGOs, oil and gas, and telecom businesses.

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

Security Affairs

According to new research conducted by Group-IB experts, 74 percent of Russian banks were not ready for cyberattacks. Group-IB, an international company that specializes in preventing cyberattacks, has conducted high-tech cybercrimes research based on an analysis of responses to information security incidents carried out by the Group-IB Incident Response team in 2018. In 2018, the Group-IB Incident Response team detected the use of such vector in Russia and Eastern Europe.

Improving engineer productivity at SMS group with OpenText Exceed TurboX

OpenText Information Management

As part of a global workforce of 13,500 employees, SMS group engineers perform countless complex calculations and simulations when designing and constructing solutions for clients.

Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks

Security Affairs

2018 Patch Tuesday has been exploited by at least one APT group in attacks in the Middle East. Kaspersky did not explicitly attribute the attack to a specific threat actor but pointed out that the CVE-2018-8589 exploit code is being used by at least one cyber espionage APT group.

Groups find IT essential in making the shift to value

Information Management Resources

Multispecialty organizations such as Crystal Run Healthcare, the Carle Foundation and Marshfield Clinic are using technology ranging from care management to analytics to improve care.

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

Experts from Symantec collected evidence that APT28 group returns to covert intelligence gathering operations in Europe and South America. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.
