TA505 Group Hides Malware in Legitimate Certificates

Data Breach Today

APT Group Targets Banks With Backdoor Malware to Penetrate Networks. TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.

A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft.

Leak Exposes OilRig APT Group's Tools

Data Breach Today

Group, Apparently Backed By Iran, Was Broadening Its Targets, Analysts Say. A set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has leaked online, exposing some of the organization's methods and goals, analysts say.

Democratic Campaign Group Left 6 Million Emails Exposed

Data Breach Today

UpGuard Finds Misconfigured Amazon S3 Bucket Left Addresses Exposed. Security firm UpGuard found that a misconfigured Amazon S3 bucket belonging to the Democratic Senatorial Campaign Committee left the email addresses of more than 6 million U.S. citizens exposed to the internet.

Microsoft Takes Control of 99 Websites From APT Group

Data Breach Today

Phosphorus Group Waged Spear-Phishing Campaign, Company Reports. Microsoft is using its legal muscle to push back against an advanced persistent threat group that it says is "widely associated with Iranian hackers."

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group, wage war to compromise as much cloud-based infrastructure as possible.

ScarCruft APT Group Targets Bluetooth With Malware: Report

Data Breach Today

Kaspersky Lab Says Korean-Speaking Group Expanding Its Arsenal. ScarCruft, a Korean-speaking APT group that has been targeting organizations mainly in Southeast Asia over the past three years, is developing new malware that targets Bluetooth-enabled devices, according to Kaspersky Lab.

Despite Doxing, OilRig APT Group Remains a Threat

Data Breach Today

Researchers Describe What They've Learned From Data Dump. Despite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to governments and businesses, researchers at Palo Alto Networks' Unit 42 report.

FIN8 Group Returns, Targeting POS Devices With New Tools

Data Breach Today

Lotsy group targets Italian and Spanish-speaking users

Security Affairs

Group-IB discovered massive fraudulent campaigns carried out by Lotsy group involving the use of dozens of well-known brands aimed at Italian and Spanish-speaking customers. Group-IB’s Brand Protection team has detected a total of 114 related fake web-resources involved in the scheme.

Toyota Australia, Healthcare Group Hit By Cyberattacks

Data Breach Today

A healthcare group acknowledged it was the victim of a ransomware attack. Country Has Faced a Series of Security Incidents in Recent Weeks. Australia has faced a few tough weeks on the cybersecurity front. Toyota Australia's computer systems were still down Friday after an attempted cyberattack. And last week, suspected nation-state attackers hit Parliament's email systems.

Groups Offer Ideas for Improving Healthcare Cybersecurity

Data Breach Today

Recommendations Made in Response to Request by Sen. Mark Warner. Several industry groups have offered suggestions - ranging from better cyber information sharing to new regulatory "safe harbors" for entities complying with best practices - in response to Sen.

Groups Ask FDA to Rethink Some Medical Device Cyber Proposals

Data Breach Today

But a variety of changes are needed, say some of the healthcare sector companies and groups that submitted feedback to the agency.

'Sea Turtle' DNS Hijacking Group Conducts Espionage: Report

Data Breach Today

Cisco Talos Researchers Describe Group's Methods. A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns.

Magecart Cybercrime Groups Harvest Payment Card Data

Data Breach Today

Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting.

MuddyWater APT Group Upgrades Tactics to Avoid Detection

Data Breach Today

Xenotime Group Sets Sights on Electrical Power Plants

Data Breach Today

Magecart Cybercrime Groups Mass Harvest Payment Card Data

Data Breach Today

Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting.

Secur Solutions Group data leak exposes 800,000 Singapore blood donors

Security Affairs

Secur Solutions Group data leak – Another clamorous data leak made the headlines: personal information of 808,201 blood donors in Singapore was exposed online.

'Rex Mundi' Hacker Extortion Group: Busted

Data Breach Today

Seven Gang Members Arrested in France, Eighth Busted in Thailand, Police Say. Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say.

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media.

The Radisson Hotel Group has suffered a data breach

Security Affairs

The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident happened on September 11, but the IT staff at the Radisson Hotel Group identified it only on October 1.

Russian APT groups target European governments ahead of May Elections

Security Affairs

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. According to experts from FireEye, Russia-linked APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) and Sandworm Team (also TeleBots) cyberespionage groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections.

Nation-State and Crime Groups Keep Blending, Europol Warns

Data Breach Today

More Advanced Attack Tools Easier to Access, Europol's Steven Wilson Warns. Distinguishing nation-state attacks from organized crime continues to grow more difficult because some attackers wear both hats, a Europol official reports.

OilRig APT group: the evolution of attack techniques over time

Security Affairs

Security researcher Marco Ramilli presents a comparative analysis of attack techniques adopted by the Iran-linked OilRig APT group. I would define this group of references as reports. Those reports have been divided into 4 timing groups in order to simplify the evaluation process.

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

Security Affairs

vpnMentor researchers have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak.

RiskIQ: Magecart Group Targeting Unsecured AWS S3 Buckets

Data Breach Today

Noose Tightens Around Dark Overlord Hacking Group

Data Breach Today

Serbia Makes Arrest; UK Close to Sentencing Another. The noose appears to be tightening around the Dark Overlord, a group of international hackers who have stolen and held for ransom sensitive information from dozens of companies, healthcare organizations and U.S.

Ransomware, Trojan and Miner together against “PIK-Group”

Security Affairs

Security expert Marco Ramilli analyzed a new piece of malware apparently designed to target PIK-Group that implements ransomware, Trojan, and Miner capabilities. which according to Google Translate would be: “PIK Group of Companies order details”.

TA505 Group Launches New Targeted Attacks

Dark Reading

Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore.

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Lazarus Group Widens Tactics in Cryptocurrency Attacks

Threatpost

MacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea.

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum.

Recently discovered Hexane group targets the oil and gas industry

Security Affairs

The Hexane group has been active since at least the middle of 2018 and has intensified its activity since early 2019 with an escalation of tensions within the Middle East. “Dragos identified a new activity group targeting industrial control systems (ICS) related entities: HEXANE.

Symantec: 'Orangeworm' Group Hits Healthcare Organizations

Data Breach Today

Custom Backdoor Lands on X-Ray and MRI Machines. Large healthcare companies in the U.S., Europe and Asia are getting hit with a backdoor that comes from a long-observed group, which Symantec calls Orangeworm.

A Cyber Espionage Group Re-Emerges

Data Breach Today

A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye. FireEye Describes Campaign by Suspected Chinese Actors; Is Asia Next Target?

Machete cyber-espionage group targets Latin America military

Security Affairs

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military.

BlackTech espionage group exploited ASUS update process to deliver Plead Backdoor

Security Affairs

The BlackTech cyber-espionage group exploited the ASUS update process for WebStorage application to deliver the Plead backdoor. The cyber espionage group tracked as BlackTech compromised the ASUS update process for WebStorage application to deliver the Plead backdoor.

Hunting the ICEFOG APT group after years of silence

Security Affairs

A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. The APT group is considered a persistent collector of sensitive information; Kaspersky team detected a series of attacks against the defense supply chain (e.g.

Group-IB Uncovers APT Attacks on Banks: The Sound of Silence

Security Affairs

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group.