How 'Mespinoza' Ransomware Group Hits Targets

Data Breach Today

Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S.

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Why does NSO Group have that list?

Lazarus Group Targeted COVID-19 Research

Data Breach Today

Kaspersky: North Korean APT Group Used Malware in Attempt to Steal Information The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.

Chinese Hacking Group Targets Airlines, Semiconductor Firms

Data Breach Today

'Chimera' Exfiltrates Intellectual Property, Personal Data A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to the NCC Group

Group Behind SolarWinds Attack Targeted Microsoft Customers

Data Breach Today

Company Says Russian-Linked Group Targeted Its Customer Support System The Russian-linked cyberespionage group behind the supply-chain attack against SolarWinds targeted Microsoft's customer support system as part of a new campaign, the company disclosed in a report.

Chinese Group Apparently Targeted Russian Defense Contractor

Data Breach Today

Cybereason: Attack Used Previously Undocumented PortDoor Malware An attack group, likely based in China, recently conducted a spear-phishing attack against a defense contractor that develops nuclear submarine technology for the Russian Navy, according to the security firm Cybereason

Ransomware Group Turns to Facebook Ads

Krebs on Security

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. The ad was designed to turn the screws to the Italian beverage vendor Campari Group, which acknowledged on Nov.

Chinese Hacking Group 'Cloned' NSA Exploit Tool

Data Breach Today

Researchers: 'Jian' Hacking Tool Targeted Zero-Day Flaw in Windows A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the NSA's Equation Group before Microsoft patched the Windows flaw being exploited, according to Check Point Research.

APT Group Targets Fintech Companies

Data Breach Today

Report: Little-Known Evilnum Group Relies on Spear-Phishing Emails A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K.

Lebanese Hacking Group Targeting Telcos and ISPs

Data Breach Today

Researchers: Lebanese Cedar's Campaigns Expand Beyond Middle East An APT group known as Lebanese Cedar has launched a cyberespionage campaign targeting telecommunication companies and ISPs, according to the Israeli security firm ClearSky, which says the attacks have spread beyond the Middle East to the U.S. and Europe.

Lazarus Group Hid RATs in BMP Images

Data Breach Today

Group Used Fresh Tactic to Target South Korea Malwarebytes researchers report the North Korean APT group Lazarus rolled out a new weapon during a recent phishing campaign targeting South Korea in which the gang incorporated malicious BMP files in an image-laden document

Groups Urge Biden, Congress to Bolster Health Sector Cyber

Data Breach Today

hammers out national infrastructure legislation, implements President Biden's recent cybersecurity executive order and adopts other related initiatives, more attention and funding needs to be allocated to strengthen the healthcare sector's cybersecurity posture, industry groups urge

Hacking Group Conducted Espionage Campaign Targeting Telcos

Data Breach Today

McAfee: RedDelta Group Used Fake Job Website to Target Employees A hacking group used a fake Huawei careers website to lure telecommunications workers and infect the job seekers' devices with malware that could steal information, says McAfee's Advanced Threat Research Strategic Intelligence team

Cox Media Group Affiliates Go Offline

Data Breach Today

Ransomware Suspected as a Possible Reason for the Outage at Some Outlets Cox Media Group's TV and radio affiliates' ability to livestream content was mostly offline Thursday evening, possibly due to an unspecified cyber incident, says the security firm Recorded Future

Lazarus Group Tied to TFlower Ransomware

Data Breach Today

Sygnia Researchers Say Hackers Using Their MATA Framework to Deliver Malware The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware using its MATA malware framework, security firm Sygnia reports

Group Behind WannaCry Now Using New Malware

Data Breach Today

CISA Warns That Lazarus Group Has Added 3 New Tools A sophisticated hacking group associated with the North Korean government that's been tied to a number of high-profile attacks, including WannaCry, is using three new malware variants, according to the U.S.

Additional Hacking Tools Tied to North Korean-Linked Group

Data Breach Today

Cybereason Finds Kimsuky Group Using Fresh Spying Tools, Infrastructure Researchers with Cybereason have uncovered a fresh set of malicious tools tied to a North Korean-linked hacking group called Kimsuky, according to a recent analysis.

Magecart Groups Hide Behind 'Bulletproof' Hosting Service

Data Breach Today

Researchers Find Groups Hiding JavaScript Skimmers and Phishing Pages Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a "bulletproof" hosting service called Media Land, according to researchers with RiskIQ.

Chinese APT Group Deploys ‘Most Sophisticated’ Shellcode

Data Breach Today

Newly Discovered BendyBear's Advanced Features Include Anti-Analysis Capabilities BlackTech, a Chinese advanced persistent threat group, is deploying a sophisticated new shellcode called BendyBear as part of its latest espionage campaign, security firm Palo Alto Networks reports

North Korean Group Targets Security Researchers - Again

Data Breach Today

Google: Attackers Leverage Social Media Accounts A North Korean government-backed threat group that was detected targeting security researchers in January is once again staging a campaign against them using advanced social engineering techniques, Google reports

APT Groups Planting Backdoors: Report

Data Breach Today

Researchers Say Groups With Apparent Ties to Iran Exploiting VPN Vulnerabilities Since August, security researchers have warned that attackers are targeting unpatched VPN servers with known vulnerabilities.

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advanced persistent threat groups seeking to steal COVID-19 research data.

U.S. Imposes Sanctions on Iranian APT Group

Data Breach Today

Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government used for a years-long malware campaign that targeted Iranian dissidents, journalists and others

White House 'Stands Down' SolarWinds, Exchange Response Groups

Data Breach Today

Unified Coordination Groups Were Created to Respond to Cybersecurity Incidents The White House announced Monday that it is "standing down" two Unified Coordination Groups that were created to coordinate the federal response to the SolarWinds supply chain attack and attacks on vulnerable on-premises Microsoft Exchange email servers.

New ransomware group Hive leaks Altus group sample files

Security Affairs

On June 14th, Altus Group, a commercial real estate software solutions firm, disclosed a security breach, now Hive ransomware gang leaked its files. On June 14th, Altus Group, a commercial real estate software solutions company, has announced that its data was breached.

US Seizes $2 Million in Cryptocurrency From Terrorist Groups

Data Breach Today

Justice Department Describes How Groups Raised Funds The U.S. Justice Department has seized more than $2 million worth of cryptocurrency from terrorist groups who solicited donations via social media and waged fraud campaigns

Russian Hacking Group's Backdoor Uses Dropbox

Data Breach Today

Researchers Describe Turla Group's 'Crutch' Malware As part of a cyberespionage campaign, the Russian hacking group known as Turla deployed a backdoor called "Crutch" that uses Dropbox resources to help gather stolen data, according to the security firm ESET

Payment Card Skimming Group Deployed Raccoon Infostealer

Data Breach Today

Researchers: Fraudsters Hit E-Commerce Sites For Payment Credential Theft A JavaScript card skimmer group dubbed "FakeSecurity" recently deployed the Raccoon information stealer malware in order to target e-commerce sites to steal payment card details from victims, according to security firm Group-IB.

Lazarus Group Reportedly Now Wielding Ransomware

Data Breach Today

Kaspersky Discovers 2 Incidents Involving VHD Ransomware The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky

Alert: APT Groups Targeting US Think Tanks

Data Breach Today

CISA and FBI Say Focus Is on Those Working on International Affairs, National Security CISA and the FBI have issued a warning that advanced persistent threat groups are waging cyberespionage campaigns against U.S.

Microsoft: Hacking Groups Shift to New Targets

Data Breach Today

Gamaredon Group Using Fresh Tools to Target Outlook

Data Breach Today

Suspected Russia-Linked Hackers Have Previously Focused on Ukraine The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET.

Pro-India APT Group Deploys Android Spyware

Data Breach Today

SunBird and HornBill Malicious Apps Mainly Target Users in South Asia Researchers at the security firm Lookout have identified two new Android spyware tools used for cyberespionage campaigns in South Asia which they say are linked to "Confucius," a pro-India advanced persistent threat group

Privacy Group Files Complaint Over iOS Tracking

Data Breach Today

APT Group Using Backdoor for Espionage

Data Breach Today

Kaspersky Describes 'Operation TunnelSnake' That Appears to Have China Connection An ongoing advanced persistent threat campaign dubbed "Operation TunnelSnake" has been using a Windows rootkit named Moriya to deploy a passive backdoor to spy on victims, the security firm Kaspersky reports

APT Groups Target Firms Working on COVID-19 Vaccines

Data Breach Today

Microsoft Says Attacks on Seven Companies Blocked Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says

Chinese Hacking Group Rebounds With Fresh Malware

Data Breach Today

Researchers: TA416 Ramping Up Phishing Emails Targeting Diplomatic Missions A Chinese advanced persistent threat group has recently begun ramping up its activities with a new phishing campaign leveraging updated malware that's targeting diplomatic missions around the world to collect data and monitor communications, according to Proofpoint.

White House Establishes Group to Investigate Exchange Attacks

Data Breach Today

Federal Agencies Working on Incident Response, Other Issues The White House on Wednesday unveiled the formation of a Unified Coordination Group to lead the government's response to attacks exploiting unpatched vulnerabilities in on-premises Microsoft Exchange email servers