Lazarus Group Targets Freight Logistics Firm

Data Breach Today

ESET Report Ties 'Vyveva' Backdoor to North Korean APT Group The Lazarus Group, a North Korean-linked APT group, has recently deployed a previously undocumented backdoor called "Vyveva" to target a freight logistics company in South Africa, according to ESET

196
196

Lazarus Group Targeted COVID-19 Research

Data Breach Today

Kaspersky: North Korean APT Group Used Malware in Attempt to Steal Information The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Chinese Hacking Group Targets Airlines, Semiconductor Firms

Data Breach Today

Chimera' Exfiltrates Intellectual Property, Personal Data A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to the NCC Group

Chinese Hacking Group 'Cloned' NSA Exploit Tool

Data Breach Today

Researchers: 'Jian' Hacking Tool Targeted Zero-Day Flaw in Windows A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the NSA's Equation Group before Microsoft patched the Windows flaw being exploited, according to Check Point Research.

214
214

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

North Korean Group Targets Security Researchers - Again

Data Breach Today

Google: Attackers Leverage Social Media Accounts A North Korean government-backed threat group that was detected targeting security researchers in January is once again staging a campaign against them using advanced social engineering techniques, Google reports

Hacking Group Conducted Espionage Campaign Targeting Telcos

Data Breach Today

McAfee: RedDelta Group Used Fake Job Website to Target Employees A hacking group used a fake Huawei careers website to lure telecommunications workers and infect the job seekers' devices with malware that could steal information, says McAfee's Advanced Threat Research Strategic Intelligence team

175
175

Lebanese Hacking Group Targeting Telcos and ISPs

Data Breach Today

Researchers: Lebanese Cedar's Campaigns Expand Beyond Middle East An APT group known as Lebanese Cedar has launched a cyberespionage campaign targeting telecommunication companies and ISPs, according to the Israeli security firm ClearSky, which says the attacks have spread beyond the Middle East to the U.S. and Europe.

Lazarus Group Tied to TFlower Ransomware

Data Breach Today

Sygnia Researchers Say Hackers Using Their MATA Framework to Deliver Malware The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware using its MATA malware framework, security firm Sygnia reports

Ransomware Group Turns to Facebook Ads

Krebs on Security

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. The ad was designed to turn the screws to the Italian beverage vendor Campari Group , which acknowledged on Nov.

Best Practices for Modern Records Management and Retention

Speaker: Sean Baird, Director of Product Marketing at Nuxeo

Documents are at the heart of many business processes. Organizations in highly regulated industries are realizing that traditional records management practices are insufficient and ineffective in today’s digital world. Join Sean Baird as he highlights best practices for effective records management and retention. He will explore how digital transformation can counteract the costs, inefficiencies, and end-user considerations that make it difficult to maintain compliance. He will highlight real-world successes and analyze the key strategies and technologies that help organizations find balance.

Chinese APT Group Deploys ‘Most Sophisticated’ Shellcode

Data Breach Today

Newly Discovered BendyBear's Advanced Features Include Anti-Analysis Capabilities BlackTech, a Chinese advanced persistent threat group, is deploying a sophisticated new shellcode called BendyBear as part of its latest espionage campaign, security firm Palo Alto Networks reports

Bank Groups Object to Proposed Breach Notification Regulation

Data Breach Today

ABA, Others Call Requirements Too Burdensome The American Bankers Association and three other banking groups have voiced objections to provisions in a proposed federal cyber incident notification regulation.

Magecart Groups Hide Behind 'Bulletproof' Hosting Service

Data Breach Today

Researchers Find Groups Hiding JavaScript Skimmers and Phishing Pages Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a "bulletproof" hosting service called Media Land, according to researchers with RiskIQ.

White House Establishes Group to Investigate Exchange Attacks

Data Breach Today

Federal Agencies Working on Incident Response, Other Issues The White House on Wednesday unveiled the formation of a Unified Coordination Group to lead the government's response to attacks exploiting unpatched vulnerabilities in on-premises Microsoft Exchange email servers

U.S. Imposes Sanctions on Iranian APT Group

Data Breach Today

Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government used for a years-long malware campaign that targeted Iranian dissidents, journalists and others

Group Behind WannaCry Now Using New Malware

Data Breach Today

CISA Warns That Lazarus Group Has Added 3 New Tools A sophisticated hacking group associated with the North Korean government that's been tied to a number of high-profile attacks, including WannaCry, is using three new malware variants, according to the U.S.

APT Groups Planting Backdoors: Report

Data Breach Today

Researchers Say Groups With Apparent Ties to Iran Exploiting VPN Vulnerabilities Since August, security researchers have warned that attackers are targeting unpatched VPN servers with known vulnerabilities.

Alert: APT Groups Targeting US Think Tanks

Data Breach Today

CISA and FBI Say Focus Is on Those Working on International Affairs, National Security CISA and the FBI have issued a warning that advanced persistent threat groups are waging cyberespionage campaigns against U.S.

Payment Card Skimming Group Deployed Raccoon Infostealer

Data Breach Today

Researchers: Fraudsters Hit E-Commerce Sites For Payment Credential Theft A JavaScript card skimmer group dubbed "FakeSecurity" recently deployed the Raccoon information stealer malware in order to target e-commerce sites to steal payment card details from victims, according to security firm Group-IB.

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advance persistent threat groups seeking to steal COVID-19 research data.

FBI and CISA: APT Groups Targeting Government Agencies

Data Breach Today

Three FortiOS Vulnerabilities Being Exploited for the Campaign CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government and private sector companies for cyberespionage

Additional Hacking Tools Tied to North Korean-Linked Group

Data Breach Today

Cybereason Finds Kimsuky Group Using Fresh Spying Tools, Infrastructure Researchers with Cybereason have uncovered a fresh set of malicious tools tied to a North Korean-linked hacking group called Kimsuky, according to a recent analysis.

236
236

Microsoft: Hacking Groups Shift to New Targets

Data Breach Today

Lazarus Group Reportedly Now Wielding Ransomware

Data Breach Today

Kaspersky Discovers 2 Incidents Involving VHD Ransomware The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky

US Seizes $2 Million in Cryptocurrency From Terrorist Groups

Data Breach Today

Justice Department Describes How Groups Raised Funds The U.S. Justice Department has seized more than $2 million worth of cryptocurrency from terrorists groups who solicited donations via social media and waged fraud campaigns

254
254

Pro-India APT Group Deploys Android Spyware

Data Breach Today

SunBird and HornBill Malicious Apps Mainly Target Users in South Asia Researchers at the security firm Lookout have identified two new Android spyware tools used for cyberespionage campaigns in South Asia which they say are linked to "Confucius," an pro-India advanced persistent threat group

Russian Hacking Group's Backdoor Uses Dropbox

Data Breach Today

Researchers Describe Turla Group's 'Crutch' Malware As part of a cyberespionage campaign, the Russian hacking group known as Turla deployed a backdoor called "Crutch" that uses Dropbox resources to help gather stolen data, according to the security firm ESET

Chinese Hacking Group Rebounds With Fresh Malware

Data Breach Today

Researchers: TA416 Ramping Up Phishing Emails Targeting Diplomatic Missions A Chinese advanced persistent threat group has recently begun ramping up its activities with a new phishing campaign leveraging updated malware that's targeting diplomatic missions around the world to collect data and monitor communications, according to Proofpoint.

At Least 10 APT Groups Exploiting Exchange Flaws

Data Breach Today

ESET: Some Attacks Happened Before Microsoft Was Notified of Vulnerabilities At least 10 APT groups exploited unpatched Microsoft Exchange vulnerabilities in attacks against thousands of companies in the last three months, according to researchers at the Slovak security firm ESET

Iranian Hacking Group Suspected of Deploying Ransomware

Data Breach Today

ClearSky: 'MuddyWater' APT Linked to Attacks Targeting Israel, Others A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports

APT Groups Target Firms Working on COVID-19 Vaccines

Data Breach Today

Microsoft Says Attacks on Seven Companies Blocked Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says

236
236

Privacy Group Files Complaint Over iOS Tracking

Data Breach Today

Hacking of Accounting Firm Affects Medical Group

Data Breach Today

Apparent Ransomware Incident Exposes Patient Information An apparent ransomware attack on an accounting firm in December exposed the patient data of Community Care Physicians, a large upstate New York medical group, as well as other clients of the firm

Microsoft Exchange: At Least 10 APT Groups Exploiting Flaws

Data Breach Today

Gamaredon Group Using Fresh Tools to Target Outlook

Data Breach Today

Suspected Russia-Linked Hackers Have Previously Focused on Ukraine The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET.

Hacker-for-Hire Group DeathStalker Implements New Malware

Data Breach Today

PowerPepper' Backdoor Targets Smaller Firms The hacker-for-hire group DeathStalker, known for conducting espionage campaigns against small and medium-sized businesses, has started using a new malware strain called PowerPepper, according to a report from the security firm Kaspersky

Another Threat Group Joins Ransomware Extortion Racket

Data Breach Today

FireEye: 'FIN11' Deploys Clop Ransomware A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant

Did 4 Major Ransomware Groups Truly Form a Cartel?

Dark Reading

An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer

New Hacking Group Targets Gambling Firms: Report

Data Breach Today

APT Group Steals Source Code and Data, Not Money, Researchers Say A newly identified hacking group has been targeting gambling companies in Asia, the Middle East and Europe, using backdoors to steal source code and other data, according to new research from security firm Trend Micro