Groups, Industry, Retail and Security - Information Management Today

Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy

Weissman's World

FEBRUARY 1, 2023

If you’re a regular reader, then you know that my pieces are typically more universal than they are industry-specific – though I have been known to opine in such particular places as local government and oil and gas.

Retail

Retail Security Government Records Management

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware

Ransomware Digital transformation Encryption Retail

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Automotive Industry Chinese Organized Crime’s Latest U.S. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security MDM Ransomware

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis. Now the Facebook security team has revealed the real identity of APT32 , linking the group to an IT company in Vietnam named CyberOne Group. .

Agriculture

Agriculture IT Retail Manufacturing

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. The most active group in 2023: LockBit According to the data presented by the Cybernews research team, 66 active ransomware groups were identified and operating within the digital landscape in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Digital Transformation In Retail: The Retail Apocalypse

erwin

FEBRUARY 21, 2019

Much like the hospitality industry , digital transformation in retail has been a huge driver of change. One important fact is getting lost among all of the talk of “the retail apocalypse” and myriad stories about increasingly empty shopping malls: there’s a lot of money to be made in retail.

Digital transformation

Digital transformation Retail e-Delivery Customer Experience

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

The Last Watchdog

FEBRUARY 15, 2024

Through its Breach Coach ® designation, NetDiligence recognizes Harter Secrest & Emery as an industry leader and enhances the firm’s reputation as a trusted resource for clients navigating the complex landscape of data incident response. Greene Led by partner F.

Data breaches

Data breaches Financial Services Big data Retail

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. Pierluigi Paganini.

Phishing

Phishing Retail Security IT

FIN8 group used a previously undetected Sardonic backdoor in a recent attack

Security Affairs

AUGUST 25, 2021

The group has been active since 2016, it leverages known malware such as PUNCHTRACK and BADHATCH to infect PoS systems and steal payment card data. The activity of the group was spotted in March, after more than a year of apparent inactivity. The group also employed their BADHATCH backdoor. Pierluigi Paganini.

Retail

Retail Insurance Cybersecurity Phishing

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Security Affairs

AUGUST 13, 2020

Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. A presumably Russian-speaking group conducts thoroughly planned attacks on private companies across numerous industries using a unique toolset. From Russia to Canada.

Cloud

Cloud Phishing Analytics Access

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” . “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

The Future of Payments Security

Thales Cloud Protection & Licensing

JANUARY 26, 2021

The Future of Payments Security. The Verizon DBIR 2020 report indicates that financially motivated attacks against retailers have moved away from Point of Sale (POS) devices and controllers, towards web applications. This largely follows the trend in the industry of moving transactions primarily to a more web-focused infrastructure.

Security

Security Retail Authentication Big data

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Encryption Government Retail

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. This activity has occurred across multiple industry sectors.

Ransomware

Ransomware Retail Security Manufacturing

4 Industries That Have to Fight the Hardest Against Cyberattacks

Security Affairs

DECEMBER 4, 2018

Society’s dependence on internet-based technologies means security professionals must defend against cyberattacks as well as more traditional threats, such as robbers or disgruntled employees. However, cybercriminals target some industries at disproportionally high rates. happened at retail establishments. Health Care.

Retail

Retail Cybersecurity Data breaches Risk

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation.

Ransomware

Ransomware Data breaches Digital transformation Encryption

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy

Data Privacy Manufacturing Privacy Security

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Publication of Secure Payment Confirmation as a Candidate Recommendation indicates that the feature set is stable and has received wide review.

Authentication

Authentication Communications Financial Services Retail

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

After two years of silence, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry employing the ShellTea/PunchBuggy backdoor. The last time security experts documented the FIN8’s activities was in 2016 and 2017. ” reads the analysis published by Morphisec.

Phishing

Phishing Retail Communications Security

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

Is business becoming dulled to the cyber security threat As cyber fears decrease, the technological risk landscape has fragmented, with executives nearly as concerned about the perceived threat posed by disruptive new technologies, such as AI, as the risk of cybercrime.

Risk

Risk Insurance Energy and Utilities Marketing

The Rise of the Bad Bots

Thales Cloud Protection & Licensing

APRIL 22, 2024

The report analyzes the bad bot threat landscape across industries, sophistication levels, origin, and more. Bad Bots Affect All Sectors The gaming industry suffers most from bad bot traffic, with 57.2% It is crucial to recognize that various industries are threatened by bad bots in distinct ways.

Digital transformation

Digital transformation Retail Access Encryption

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Source New Telecoms USA Yes 6,158 Nabholz Construction Company Employee Welfare Health Plan Source 1 ; source 2 New Healthcare USA Yes 5,326 Dawson James Securities, Inc. North Hill Home Health Care, Inc.,

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. In November experts observed several campaigns carried out by the TA505 group, in three of them the threat actors delivered the ServHelper malware.

IT

IT Financial Services Retail Ransomware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

Security Affairs newsletter Round 245

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. A WhatsApp bug could have allowed crashing of all group members. Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs. Gangnam Industrial Style APT campaign targets industrial firms worldwide. Pierluigi Paganini.

Security

Security Ransomware Passwords Data breaches

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

Impacted customers include Sweden’s largest cinema chain Filmstaden (the attack disrupted its online ticket system) and the discount retail chain Rusta. ” BleepingComputer first reported that the security breach was the result of an Akira ransomware attack. Tietoevry notified law enforcement and impacted customers.

Ransomware

Ransomware Government Retail Cloud

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. The biggest ransom demand detected by Group-IB team has been at $4 million worth of BTC. of victims) and Retail (14.5%). ProLock = Egregor.

Ransomware

Ransomware Retail Encryption Manufacturing

News Alert: Jscrambler launches free tool for new PCI DSS anti-skimming requirements

The Last Watchdog

JUNE 27, 2023

of the Payment Card Industry Data Security Standards (PCI DSS v4.0). This free assessment tool provides organizations of all sizes with clarity and simple compliance coupled with proactive security measures to prevent web skimming and Magecart attacks. and 11.6.1 of PCI DSS v4.0.

Compliance

Compliance Retail Security Communications

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. At the time Luxottica has yet to release any official statement on the attack.

Retail

Retail Manufacturing Ransomware Security

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Both cybercriminal groups and actors involved in espionage operations use this RAT due to Agent Tesla’s stability, flexibility and functionality that allows for the collection of sensitive data and exfiltration from the victim. . Last year, Agent Tesla was spotted in highly targeted campaigns against the oil and gas industry.

Financial Services

Financial Services Retail Education Information Security

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. The attacks are targeting a large number of Magento and WooCommerce websites, including large organizations in the food and retail industries.

Retail

Retail IT Security Information Security

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. BleepingComputer first reported the news, and Luxottica confirmed that the data breach is the result of a new security incident suffered by a third-party contractor that was managing its customer data.

Data breaches

Data breaches Retail Sales Ransomware

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

Recent campaigns show t hreat actors behind the Dridex and Locky malware families , the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. XLS or VBA.DOC macros.”

e-Delivery

e-Delivery Insurance Retail Government

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

” The written notice goes on to say UPS believes the data exposure “affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023.” “It was more or less the same day. In a statement provided to KrebsOnSecurity, Sandy Springs, Ga. ”

Phishing

Phishing Retail IT Communications

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

Grayfly APT uses recently discovered Sidewalk backdoor

Security Affairs

SEPTEMBER 10, 2021

Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. In late August, ESET researchers uncovered the SideWalk backdoor that was employed by the Chine cyberespionage group in an attack aimed at a computer retail company based in the U.S.

Retail

Retail Risk Security IT

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

The group targeted the organization with phishing attacks aimed at spreading at least three new sophisticated malware strains. FireEye’s Mandiant unit observed two distinct waves of attacks carried out by the cybercrime group in December 2020. orgs with 3 malware appeared first on Security Affairs. Pierluigi Paganini.

Manufacturing

Manufacturing Phishing Military Retail

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. BleepingComputer website, citing the security firm Bad Packets, speculates that the Italian was using a Citrix ADX controller device vulnerable to the critical CVE-2019-19781 vulnerability in Citrix devices.

Ransomware

Ransomware IT Retail Manufacturing

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware

Ransomware IT Healthcare Phishing

Artificial intelligence in cyber security

IT Governance

MARCH 22, 2018

Cyber security has become a major priority for every organisation. Such machine learning has been adopted in industries such as motoring, healthcare and retail. It will no doubt progress to many more, so what might this mean for cyber security? Ultimately, this would help improve network security defences.

Artificial Intelligence

Artificial Intelligence Security Encryption Risk

TA505 cybercrime group use SDBbot RAT in recent campaigns

Security Affairs

OCTOBER 20, 2019

TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. ” reads the analysis published by Proofpoint.

Retail

Retail Phishing Ransomware Access

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

Experts at Cisco Talos group disclosed a dozen vulnerabilities uncovered in Sierra Wireless AirLink gateways and routers, including several serious flaws. Researchers at Cisco Talos group disclosed a dozen vulnerabilities affecting Sierra Wireless AirLink gateways and routers, including several serious flaws. Pierluigi Paganini.

Passwords

Passwords Sales IoT Authentication

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade. Flint is among the biggest players in the crowded underground market for stolen credit card data, according to a U.S.

Retail

Retail Insurance Cybersecurity Data breaches

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.”

Retail

Retail Phishing Ransomware Access

Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Webinars

Trending Sources

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Ransomware attacks break records in 2023: the number of victims rose by 128%

Digital Transformation In Retail: The Retail Apocalypse

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

China-based Fangxiao group behind a long-running phishing campaign

FIN8 group used a previously undetected Sardonic backdoor in a recent attack

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

The Future of Payments Security

PYSA ransomware gang is the most active group in November

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

4 Industries That Have to Fight the Hardest Against Cyberattacks

Cactus ransomware gang claims the Schneider Electric hack

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

News Alert: W3C advances technology to streamline payment authentication

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Rise of the Bad Bots

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs newsletter Round 245

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

News Alert: Jscrambler launches free tool for new PCI DSS anti-skimming requirements

Hackers hit Luxottica, production stopped at two Italian plants

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

A new Magecart campaign hides the malicious code in 404 error page

2021 data breach exposed data of 70 Million Luxottica customers

TA505 group updates tactics and expands the list of targets

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

2022 Cyber Security Review of the Year

Grayfly APT uses recently discovered Sidewalk backdoor

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Nefilim ransomware gang published Luxottica data on its leak site

FIN11 gang started deploying ransomware to monetize its operations

Artificial intelligence in cyber security

TA505 cybercrime group use SDBbot RAT in recent campaigns

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Russians Shut Down Huge Card Fraud Ring

Russian TA505 threat actor target financial entities worldwide

Stay Connected