Iranian Threat Group Befriends Victims

Data Breach Today

APT42 Operates on Behalf of the Islamic Revolutionary Guard Corps An Iranian state-sponsored group in operation since 2015 relies on highly targeted social engineering to try and attack individuals and organizations that Tehran deems enemies of the regime, says a new report from cyberthreat intelligence firm Mandiant.

Feds: Chinese Hacking Group Undeterred by Indictment

Data Breach Today

Indictment 'Did Not Hinder APT41’s Operations,' says HHS HC3 Two federal indictments against APT41, a Chinese state-sponsored hacking group, haven't slowed down its operations, the U.S.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cyberattack Disrupts InterContinental Hotels Group Operation

Data Breach Today

Ongoing Attack Affects Hospitality Chain's Reservation System Patrons of InterContinental Hotels Group hotels might need to call the front desk rather than book hotel rooms online due to an ongoing cyberattack.

Iranian Group Used Android Backdoor

Data Breach Today

A Page From an Information Professional’s Book of Secrets: The Right Time to Deploy Your AI

Speaker: Dick Stark and Casey Steenport

Join our experts for this insightful webinar where members from our team will be available to answer your questions so you can walk away feeling confident in how AI & automation can empower your organization’s service management overall.

Records Management Professionals Group surpasses 12,000 members on LinkedIn

IG Guru

Check out the group here. IG News Records Management LinkedIn Records Management Group

Evilnum Hacking Group Updates TTPs Targeting Fintech

Data Breach Today

Group Now Uses MS Office Word Documents to Deliver Payload The Evilnum hacking group has updated its tactics, techniques and procedures, now uses MS Office Word documents and leverages document template injection to deliver malicious payloads to its victims' machines.

Ransomware Group Debuts Searchable Victim Data

Krebs on Security

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying.

Iranian Group Targets Israeli Firms

Data Breach Today

ClearSky: Attackers Lure Victims With Fake Job Offers Researchers at cybersecurity firm ClearSky say an Iranian APT group, dubbed "Siamesekitten," is targeting Israeli companies in a supply chain attack campaign.

Lazarus Group Targeted COVID-19 Research

Data Breach Today

Kaspersky: North Korean APT Group Used Malware in Attempt to Steal Information The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.

Best Practices for Modern Records Management and Retention

Speaker: Sean Baird, Director of Product Marketing at Nuxeo

Documents are at the heart of many business processes. Organizations in highly regulated industries are realizing that traditional records management practices are insufficient and ineffective in today’s digital world. Join Sean Baird as he highlights best practices for effective records management and retention. He will explore how digital transformation can counteract the costs, inefficiencies, and end-user considerations that make it difficult to maintain compliance. He will highlight real-world successes and analyze the key strategies and technologies that help organizations find balance.

How 'Mespinoza' Ransomware Group Hits Targets

Data Breach Today

Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S.

Mercenary Hacking Group Deploys Android Malware

Data Breach Today

StrongPity Campaign Targeted Syrian E-Governance Website Hack-for-hire group StrongPity deployed Android malware to target Syria's e-government site visitors as part of its latest cyberespionage campaign, a new report by security firm Trend Micro details

Search Here: Ransomware Groups Refine High-Pressure Tactics

Data Breach Today

Free Searching on Stolen Data and Higher Ransom Demands Among Latest Innovations Seeking maximum profits, ransomware groups continually refine the tactics they use to bypass defenses, infect victims and pressure them into paying.

Comedy of Errors: Ransomware Group Extorts Wrong Victim

Data Breach Today

Not the First Time Ineptitude - or Blatant Lying - Invalidates Criminals' Claims The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

Hitachi Sells Identity Management Business to Volaris Group

Data Breach Today

CEO Says Newly Renamed Bravura Security a Good Fit With Volaris' Software Strength Japanese conglomerate Hitachi has sold its small identity-as-a-service practice to Canadian software specialist Volaris Group to drive better execution around core products.

BlackMatter Group Debuts Linux-Targeting Ransomware

Data Breach Today

VMware ESXi Servers Targeted by Crypto-Locking Malware, MalwareHunterTeam Warns The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VmWare's ESXi servers hosting virtual machines, according to MalwareHunterTeam.

Iranian APT Group Charming Kitten Updates Malware Arsenal

Data Breach Today

and Microsoft Outlook Emails An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an email inbox scrapping tool, proof of the group's dedication to developing and maintaining purpose-built capabilities.

Chinese Hacking Group Targets Airlines, Semiconductor Firms

Data Breach Today

Chimera' Exfiltrates Intellectual Property, Personal Data A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to the NCC Group

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

Group Behind SolarWinds Attack Targeted Microsoft Customers

Data Breach Today

Company Says Russian-Linked Group Targeted Its Customer Support System The Russian-linked cyberespionage group behind the supply-chain attack against SolarWinds targeted Microsoft's customer support system as part of a new campaign, the company disclosed in a report.

Are Ransomware-as-a-Service Groups in Decline?

Data Breach Today

The latest edition of the ISMG Security Report discusses how ransomware-as-a-service groups are shifting their business models, how investigators battling cybercrime have been hindered by GDPR, and how employees consider workplace "choice" a key factor for job satisfaction

GDPR 200

How Chinese Hacking Groups Target Russia

Data Breach Today

Reports From Group IB, Positive Technologies Offer Details Researchers at Group-IB say Chinese threat actors apparently were responsible for an attack on Russian federal executive authorities in 2020.

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue.

Lyceum Group Targets Two Tunisia-Based Entities

Data Breach Today

The Group Updated Its Malware Arsenal With New Capabilities Researchers at Kaspersky report that Lyceum group, known for targeting organizations in the energy and telecommunications sectors across the Middle East, has attacked two entities in Tunisia with an updated malware arsenal

Cyber Standoff: 51 Groups Tied to Russia-Ukraine War Attacks

Data Breach Today

Ukrainian Official: Country Hit By Over 1,600 'Major Cyber Incidents' This Year A crowded field of 51 threat groups in the Russia-Ukraine cyberwar has attacked 29 nations - with attacks in Ukraine aimed at "sowing chaos and confusion" on and off the battlefield.

ISMG Editors: Ransomware Groups Aiming for Smaller Targets

Data Breach Today

Also: BEC Attack Headaches and Inside the Nomad Bridge Hack In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.

Researchers Uncover Mysterious 'Metador' Cyber-Espionage Group

Dark Reading

Researchers from SentinelLabs laid out what they know about the attackers and implored the researcher community for help in learning more about the shadowy group

93

Lazarus Group Hid RATs in BMP Images

Data Breach Today

Group Used Fresh Tactic to Target South Korea Malwarebytes researchers report the North Korean APT group Lazarus rolled out a new weapon during a recent phishing campaign targeting South Korea in which the gang incorporated malicious BMP files in an image-laden document

Aggah APT Group Targets Taiwan, South Korea

Data Breach Today

Spear-Phishing Campaign Exploits PowerPoint Vulnerability The Aggah APT group, believed to be of Pakistani origin, apparently was behind a recent spear-phishing campaign targeting manufacturing firms in Taiwan and South Korea, according to Anomali Threat Research

Chinese APT Groups Targeted Asian Telecoms

Data Breach Today

Cybereason: Attacks Exploited Microsoft Exchange Servers Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason.

Lebanese Hacking Group Targeting Telcos and ISPs

Data Breach Today

Researchers: Lebanese Cedar's Campaigns Expand Beyond Middle East An APT group known as Lebanese Cedar has launched a cyberespionage campaign targeting telecommunication companies and ISPs, according to the Israeli security firm ClearSky, which says the attacks have spread beyond the Middle East to the U.S. and Europe.

Medical Group: 655,000 Affected by 'Network Outage' Breach

Data Breach Today

Large Illinois Group Practice Says PHI Exposed After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest mulispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals

US Government Warns Against Paying Ransom to Karakurt Group

Data Breach Today

Extortion Group Won’t Stop Data Leaks Even If Its Demands Are Met, Feds Say U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group.

Who's Disrupting Ransomware Groups' Stolen Data Leak Sites?

Data Breach Today

Major Drama in the Online Underworld Who's been disrupting ransomware operations' data leak sites by targeting them with distributed denial-of-service attacks?

Chinese APT Group Deploys ‘Most Sophisticated’ Shellcode

Data Breach Today

Newly Discovered BendyBear's Advanced Features Include Anti-Analysis Capabilities BlackTech, a Chinese advanced persistent threat group, is deploying a sophisticated new shellcode called BendyBear as part of its latest espionage campaign, security firm Palo Alto Networks reports

Cox Media Group Affiliates Go Offline

Data Breach Today

Ransomware Suspected as a Possible Reason for the Outage at Some Outlets Cox Media Group's TV and radio affiliates' ability to livestream content was mostly offline Thursday evening, possibly due to an unspecified cyber incident, says the security firm Recorded Future

Pro-Russian Killnet Group in DDoS Attacks on Czech Entities

Data Breach Today

Group Also Claims to Have Targeted the US, Poland, Germany and UK Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days.

Ransomware Groups Refine Shakedown and Monetization Models

Data Breach Today

Popular: Using Initial Access Brokers, Mediation as a Service, Healthcare Hits Ransomware-wielding attackers continue to seek new ways to maximize profits with minimal effort.