Groups - Information Management Today

Magniber Ransomware Group Exploiting Microsoft Zero Day

Data Breach Today

MARCH 16, 2023

Microsoft Patches Another SmartScreen Signature-Based Vulnerability A financial motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group.

Ransomware

Ransomware IT

RA Group Using Babuk Ransomware Source Code in Fresh Attacks

Data Breach Today

MAY 17, 2023

New Ransomware Gang Attacked 4 US and Korean Organizations in April Security researchers say a new Babuk knockoff ransomware group emerged in April and has already claimed targets in the United States and South Korea.

Ransomware

Ransomware Security

Enigmatic Hacking Group Operating in Ukraine

Data Breach Today

MAY 12, 2023

Attackers Target both Ukraine and pro-Russian Actors A newly uncovered hacking group with a string of cyberespionage successes is targeting Ukrainian and pro-Russian targets alike. Malwarebytes in a Wednesday dubs the threat actor "Red Stinger," saying the group is the same as the "Bad Magic" threat actor revealed by Kaspersky in March.

Webinars

The Power of Storytelling in Risk Management

ERM Program Fundamentals for Success in the Banking Industry

MORE WEBINARS

Royal Ransomware Group Builds Its Own Malware Loader

Data Breach Today

MAY 17, 2023

Malware Designed to Load Crypto-Lockers Remains Key Tool for Ransomware Groups The Royal ransomware group, which spun off from Conti in early 2022, is refining its downloader malware using tactics and techniques that appear to draw directly from other post-Conti groups, as well as working closely with trusted former associates of Conti, REvil and Hive, (..)

Ransomware

Ransomware IT

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Russian Group Possibly Behind Cyberespionage in Central Asia

Data Breach Today

MAY 10, 2023

Bitdefender Spots Novel 'DownEx' Malware Targeting Foreign Government Agencies A possibly Russian state hacking group has been deploying a novel backdoor dubbed DownEx against international governmental targets located in Kazakhstan and Afghanistan, reports Bitdefender. At least one victim appears to be an embassy located in Kazakhstan.

Government

Chinese Threat Group Leaks Hacking Secrets in Failed Attack

Data Breach Today

FEBRUARY 14, 2023

The Tonto Team Used Spear-Phishing Emails to Target Group-IB Employees Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Malwarebytes says the group has ramped up spying against Russian government agencies.

Phishing

Phishing Government IT

North Korea's BlueNoroff Group Targets macOS Systems

Data Breach Today

MAY 23, 2023

BlueNoroff Changed Attack Tactics in 2023 After Its TTPs Were Leaked The BlueNoroff hacker group, which is associated with the North Korean military's Reconnaissance General Bureau, is using RustBucket malware to target macOS systems of users primarily in the United States and Asia - a tactic observed for the first time since the group began its operations. (..)

Military

Military IT

LockBit Ransomware Group Reportedly Behind Royal Mail Attack

Data Breach Today

JANUARY 12, 2023

Attack Is Disrupting International Mail Export Services The cyber incident at the Royal Mail that is impeding exports from the United Kingdom is reportedly a ransomware attack by the LockBit ransomware-as-a-service group. Britain's national postal service told customers Thursday not to post export items.

Ransomware

ABCs of Data Normalization for B2B Marketers

Advertiser: ZoomInfo

At its core, data normalization is the process of creating context within your marketing database by grouping similar values into one common value. Well, marketers rely on this grouping to reach their goals. Why is this so essential?

Marketing

Ransomware Groups Hit Unpatched IBM File Transfer Software

Data Breach Today

MARCH 30, 2023

Buhti and IceFire Ransom Groups Tied to Attacks Targeting Vulnerable Servers Security experts are urging users of IBM's Aspera Faspex file-exchange application to take it offline immediately unless they've patched a flaw being actively exploited by ransomware groups, including Buhti and IceFire.

Ransomware

Ransomware Security IT

Microsoft Patches Zero-Day Bug Exploited by Ransomware Group

Data Breach Today

APRIL 12, 2023

Attackers Drop Nokoyawa Ransomware; Experts See Increasing Criminal Sophistication Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, (..)

Ransomware

LockBit Group Goes From Denial to Bargaining Over Royal Mail

Data Breach Today

FEBRUARY 7, 2023

Ransomware Remains a Royal Pain, as Criminals' Latest Extortion Attempt Highlights The LockBit group has gone from denying it had any involvement in the ransomware attack on Britain's Royal Mail, to trying to bargain for a ransom.

Ransomware

Ransomware IT

Chinese APT Group Deploying New Malware Backdoor

Data Breach Today

MARCH 3, 2023

Mustang Panda Using MQsTTang Tool to Target Victims in Asia and Europe, Eset Finds Chinese APT group Mustang Panda is deploying a previously unseen malware backdoor dubbed MQsTTang as part of a spear-phishing campaign targeting governmental organizations, specifically in Ukraine and Taiwan, security firm Eset says.

Phishing

Phishing Security IT

Partner Webinar: A Framework for Building Data Mesh Architecture

Speaker: Jeremiah Morrow, Nicolò Bidotti, and Achille Barbieri

In this webinar, learn how Enel Group worked with Agile Lab to implement Dremio as a data mesh solution for providing broad access to a unified view of their data, and how they use that architecture to enable a multitude of use cases. Leveraging Dremio for data governance and multi-cloud with Arrow Flight.

Government

Iranian Threat Group Befriends Victims

Data Breach Today

SEPTEMBER 7, 2022

APT42 Operates on Behalf of the Islamic Revolutionary Guard Corps An Iranian state-sponsored group in operation since 2015 relies on highly targeted social engineering to try and attack individuals and organizations that Tehran deems enemies of the regime, says a new report from cyberthreat intelligence firm Mandiant.

How 'Mespinoza' Ransomware Group Hits Targets

Data Breach Today

JULY 16, 2021

Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.

Ransomware

Ransomware Manufacturing

Search Here: Ransomware Groups Refine High-Pressure Tactics

Data Breach Today

JULY 13, 2022

Free Searching on Stolen Data and Higher Ransom Demands Among Latest Innovations Seeking maximum profits, ransomware groups continually refine the tactics they use to bypass defenses, infect victims and pressure them into paying.

Ransomware

Ransomware Group Behind Victoria Fire Department Outage

Data Breach Today

JANUARY 11, 2023

Vice Society Claims Credit for Data Leak Affecting Current, Former Employees The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage. Fire Rescue Victoria warned current and former employees and job applicants of data leak.

Ransomware

Ransomware IT

Best Practices for Modern Records Management and Retention

Speaker: Sean Baird, Director of Product Marketing at Nuxeo

In this webinar, we will: Examine the pitfalls that prevent groups from failing to meet company and regulatory expectations. He will highlight real-world successes and analyze the key strategies and technologies that help organizations find balance.

Records Management

Australian Firm Costa Group Suffers Phishing Attack

Data Breach Today

OCTOBER 8, 2022

Phishing Incident Caused Service Disruptions and Delays Australian fruit and vegetable supplier Costa Group says it was subjected to a malicious and sophisticated phishing attack in August that resulted in unauthorized access to its servers.

Phishing

Phishing Security Access IT

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Data Breach Today

MARCH 22, 2023

BianLian Follows in Karakurt's Footsteps by Moving Away From Crypto-Locking Malware Not all ransomware groups wield crypto-locking malware. After security researchers released a free decryptor for its malware, instead of encrypting files, the group chose to steal them and demand ransom solely for their safe return. Take BianLian.

Ransomware

Ransomware Encryption Security IT

Medical Group: 655,000 Affected by 'Network Outage' Breach

Data Breach Today

SEPTEMBER 1, 2021

Large Illinois Group Practice Says PHI Exposed After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest mulispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals.

Data breaches

Evilnum Hacking Group Updates TTPs Targeting Fintech

Data Breach Today

JULY 2, 2022

Group Now Uses MS Office Word Documents to Deliver Payload The Evilnum hacking group has updated its tactics, techniques and procedures, now uses MS Office Word documents and leverages document template injection to deliver malicious payloads to its victims' machines. and Europe.

IT

A Page From an Information Professional’s Book of Secrets: The Right Time to Deploy Your AI

Speaker: Dick Stark and Casey Steenport

Decision-makers have been experimenting with Artificial Intelligence in smaller groups and have started adopting AI into mainstream environments in their organizations. The big buzz is around Artificial Intelligence, and how it can help information management and IT service delivery teams crush their goals.

Artificial Intelligence

North Korean APT Group Now Deploying Linux Malware Variant

Data Breach Today

APRIL 21, 2023

Eset Says Discovery Solidifies North Korea's Ties to 3CX Attack A North Korean backdoor targeting Linux desktop users shares infrastructure with the hacking group behind the 3CX software supply chain hack.

Cybersecurity

Cybersecurity IT

Comedy of Errors: Ransomware Group Extorts Wrong Victim

Data Breach Today

AUGUST 16, 2022

Not the First Time Ineptitude - or Blatant Lying - Invalidates Criminals' Claims The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider.

Ransomware

Iranian Group Used Android Backdoor

Data Breach Today

AUGUST 9, 2021

IBM: Campaign Targeted Reformists Before Election A group dubbed "ITG18," which apparently is linked to an Iranian advanced persistent threat group, deployed an Android backdoor it used to exfiltrate sensitive information from at least 20 reformists in Iran in the run up to the country's June 18 presidential election, IBM's Security Intelligence reports. (..)

Security

Security IT

Mercenary Hacking Group Deploys Android Malware

Data Breach Today

JULY 24, 2021

StrongPity Campaign Targeted Syrian E-Governance Website Hack-for-hire group StrongPity deployed Android malware to target Syria's e-government site visitors as part of its latest cyberespionage campaign, a new report by security firm Trend Micro details.

Government

Government Security IT

Meta Cracks Down on South Asian Cyberespionage Groups

Data Breach Today

MAY 5, 2023

South Asian Cyberespionage Actors Used Fake Facebook Profiles to Trick Victims Social media giant Meta took down hundreds of fake Facebook and Instagram accounts used by South Asia advanced persistent threat groups to glean sensitive information and coax users into installing malware.

IT

BlackMatter Group Debuts Linux-Targeting Ransomware

Data Breach Today

AUGUST 9, 2021

VMware ESXi Servers Targeted by Crypto-Locking Malware, MalwareHunterTeam Warns The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VmWare's ESXi servers hosting virtual machines, according to MalwareHunterTeam.

Ransomware

Ransomware IT

Cyberattack Disrupts InterContinental Hotels Group Operation

Data Breach Today

SEPTEMBER 7, 2022

Ongoing Attack Affects Hospitality Chain's Reservation System Patrons of InterContinental Hotels Group hotels might need to call the front desk rather than book hotel rooms online due to an ongoing cyberattack.

Cybersecurity

Ransomware Group Debuts Searchable Victim Data

Krebs on Security

JUNE 14, 2022

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web.

Ransomware

Ransomware Security Privacy IT

Iranian Group Likely Behind Albanian Government Attack

Data Breach Today

AUGUST 4, 2022

Group Published Ransomware Execution Video on Website A cyberattack that temporarily paralyzed Albania's pivot to digital government likely came from Iranian hackers. The attack occurred just days before members of the Mujahedin-e-Khalq, a group dedicated to overthrow of the Islamic Republic of Iran, were set to host a two-day conference.

Government

Government Ransomware

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. Members of the Trickbot Group publicly gloated over the ease of targeting the medical facilities and the speed with which the ransoms were paid to the group.”

Ransomware

Ransomware Cybersecurity Government Security

RTM Locker RaaS Group Turns to Linux, NAS and ESXi Hosts

Data Breach Today

APRIL 28, 2023

Highly Structured Group Using Traces of Babuk Ransomware's Leaked Source Code RTM Locker ransomware-as-a-service operators have now turned their attention to Linux, network-attached storage devices and ESXi hosts.

Ransomware

LockBit Ransomware Group Claims SpaceX Contractor Data Theft

Data Breach Today

MARCH 14, 2023

It's the latest PR-grabbing attempt by the prolific LockBit extortion group. Extortionists With Penchant for Splashy PR Moves Call on Elon Musk to Pay Ransom The LockBit ransomware operation claims to have stolen data from a Texas-based supplier to Elon Musk's SpaceX, which designs, manufactures and launches rockets and spacecraft.

Ransomware

Ransomware Manufacturing IT

Feds: Chinese Hacking Group Undeterred by Indictment

Data Breach Today

SEPTEMBER 27, 2022

Indictment 'Did Not Hinder APT41’s Operations,' says HHS HC3 Two federal indictments against APT41, a Chinese state-sponsored hacking group, haven't slowed down its operations, the U.S. government acknowledges in a warning telling the healthcare sector to be vigilant about the threat actor.

Government

Government IT

Iranian APT Group Charming Kitten Updates Malware Arsenal

Data Breach Today

AUGUST 24, 2022

and Microsoft Outlook Emails An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an email inbox scrapping tool, proof of the group's dedication to developing and maintaining purpose-built capabilities. Tool Can Steal Gmail, Yahoo!

Government

Government IT

How Chinese Hacking Groups Target Russia

Data Breach Today

AUGUST 10, 2021

Reports From Group IB, Positive Technologies Offer Details Researchers at Group-IB say Chinese threat actors apparently were responsible for an attack on Russian federal executive authorities in 2020.

Iranian Group Targets Israeli Firms

Data Breach Today

AUGUST 20, 2021

ClearSky: Attackers Lure Victims With Fake Job Offers Researchers at cybersecurity firm ClearSky say an Iranian APT group, dubbed "Siamesekitten," is targeting Israeli companies in a supply chain attack campaign. The attackers are luring victims with fake job offer emails that direct recipients to websites that download malware.

Cybersecurity

Group Behind SolarWinds Attack Targeted Microsoft Customers

Data Breach Today

JUNE 26, 2021

Company Says Russian-Linked Group Targeted Its Customer Support System The Russian-linked cyberespionage group behind the supply-chain attack against SolarWinds targeted Microsoft's customer support system as part of a new campaign, the company disclosed in a report.

Marketing

Marketing IT

Lazarus Group Targeted COVID-19 Research

Data Breach Today

DECEMBER 24, 2020

Kaspersky: North Korean APT Group Used Malware in Attempt to Steal Information The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.

Manufacturing

Manufacturing Security

Ransomware Group Turns to Facebook Ads

Krebs on Security

NOVEMBER 10, 2020

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. The ad was designed to turn the screws to the Italian beverage vendor Campari Group , which acknowledged on Nov. Of course, it didn’t cost the ransomware group anything. ”

Ransomware

Ransomware Security IT

Magniber Ransomware Group Exploiting Microsoft Zero Day

RA Group Using Babuk Ransomware Source Code in Fresh Attacks

Webinars

Trending Sources

Enigmatic Hacking Group Operating in Ukraine

Webinars

Royal Ransomware Group Builds Its Own Malware Loader

How to Package and Price Embedded Analytics

Russian Group Possibly Behind Cyberespionage in Central Asia

Chinese Threat Group Leaks Hacking Secrets in Failed Attack

North Korea's BlueNoroff Group Targets macOS Systems

LockBit Ransomware Group Reportedly Behind Royal Mail Attack

ABCs of Data Normalization for B2B Marketers

Ransomware Groups Hit Unpatched IBM File Transfer Software

Microsoft Patches Zero-Day Bug Exploited by Ransomware Group

LockBit Group Goes From Denial to Bargaining Over Royal Mail

Chinese APT Group Deploying New Malware Backdoor

Partner Webinar: A Framework for Building Data Mesh Architecture

Iranian Threat Group Befriends Victims

How 'Mespinoza' Ransomware Group Hits Targets

Search Here: Ransomware Groups Refine High-Pressure Tactics

Ransomware Group Behind Victoria Fire Department Outage

Best Practices for Modern Records Management and Retention

Australian Firm Costa Group Suffers Phishing Attack

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Medical Group: 655,000 Affected by 'Network Outage' Breach

Evilnum Hacking Group Updates TTPs Targeting Fintech

A Page From an Information Professional’s Book of Secrets: The Right Time to Deploy Your AI

North Korean APT Group Now Deploying Linux Malware Variant

Comedy of Errors: Ransomware Group Extorts Wrong Victim

Iranian Group Used Android Backdoor

Mercenary Hacking Group Deploys Android Malware

Meta Cracks Down on South Asian Cyberespionage Groups

BlackMatter Group Debuts Linux-Targeting Ransomware

Cyberattack Disrupts InterContinental Hotels Group Operation

Ransomware Group Debuts Searchable Victim Data

Iranian Group Likely Behind Albanian Government Attack

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

RTM Locker RaaS Group Turns to Linux, NAS and ESXi Hosts

LockBit Ransomware Group Claims SpaceX Contractor Data Theft

Feds: Chinese Hacking Group Undeterred by Indictment

Iranian APT Group Charming Kitten Updates Malware Arsenal

How Chinese Hacking Groups Target Russia

Iranian Group Targets Israeli Firms

Group Behind SolarWinds Attack Targeted Microsoft Customers

Lazarus Group Targeted COVID-19 Research

Ransomware Group Turns to Facebook Ads

Stay Connected