A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft.

TA505 Group Hides Malware in Legitimate Certificates

Data Breach Today

APT Group Targets Banks With Backdoor Malware to Penetrate Networks. TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.

Magecart Group Continues Targeting E-Commerce Sites

Data Breach Today

Chinese APT Group Began Targeting SSL VPN Flaws in July

Data Breach Today

Pulse Secure and Fortinet Released Critical Fixes Months Ago, But Patching Lags. A hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious flaws in Pulse Secure and Fortinet SSL VPNs for more than six weeks, security experts warn.

Secur Solutions Group data leak exposes 800,000 Singapore blood donors

Security Affairs

Secur Solutions Group data leak – Another clamorous data leak made the headlines: personal information of 808,201 blood donors in Singapore was exposed online.

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group, wage war to compromise as much cloud-based infrastructure as possible.

Toyota Australia, Healthcare Group Hit By Cyberattacks

Data Breach Today

Country Has Faced a Series of Security Incidents in Recent Weeks. Australia has faced a few tough weeks on the cybersecurity front. A healthcare group acknowledged it was the victim of a ransomware attack. Toyota Australia's computer systems were still down Friday after an attempted cyberattack. And last week, suspected nation-state attackers hit Parliament's email systems.

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

Security Affairs

vpnMentor researchers have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak. Data leaked by the company could be used by attackers to gather information about the hotels’ networks and the security measures implemented to protect them.

Lotsy group targets Italian and Spanish-speaking users

Security Affairs

Group-IB discovered massive fraudulent campaigns carried out by Lotsy group involving the use of dozens of well-known brands aimed at Italian and Spanish-speaking customers. Group-IB’s Brand Protection team has detected a total of 114 related fake web-resources involved in the scheme.

Members of Chinese Espionage Group Develop a 'Side Business'

Data Breach Today

Xenotime Group Sets Sights on Electrical Power Plants

Data Breach Today

The Radisson Hotel Group has suffered a data breach

Security Affairs

The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident happened on September 11, but the IT staff at the Radisson Hotel Group identified it only on October first.

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Security Affairs

Iran-linked Cobalt Dickens APT group carried out a spear-phishing campaign aimed at tens of universities worldwide. This operation is similar to the threat group’s August 2018 campaign, using compromised university resources to send library-themed phishing emails.

Russian APT groups target European governments ahead of May Elections

Security Affairs

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. According to experts from FireEye, the Russia-linked APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) and Sandworm Team (also TeleBots) cyberespionage groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections.

Chinese hacker group APT5 targets Fortinet and Pulse Secure VPN servers via Cyware

IG Guru

Researchers have discovered that a Chinese state-sponsored hacker group known as APT5 is targeting Fortinet and Pulse Secure enterprise VPN servers.

OilRig APT group: the evolution of attack techniques over time

Security Affairs

Security researcher Marco Ramilli presents a comparative analysis of attack techniques adopted by the Iran-linked OilRig APT group. I would define this group of references as reports. group_a: from 2016 to August 2017 2. group_b: from August 2017 to January 2018 3.

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media.

Lazarus Group Widens Tactics in Cryptocurrency Attacks

Threatpost

MacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea.

A Chief Security Concern for Executive Teams

Krebs on Security

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. That’s because very few of the world’s biggest companies list any security executives in their highest ranks.

China-linked APT41 group targets US-Based Research University

Security Affairs

Security experts at FireEye observed Chinese APT41 APT group targeting a web server at a U.S.-based

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec. The Thrip group has been active since 2013, but this is the first time Symantec publicly shared details of its activities.

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

The US Treasury placed sanctions on three North Korea-linked hacking groups: the Lazarus Group, Bluenoroff, and Andariel.

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum.

BlackTech espionage group exploited ASUS update process to deliver Plead Backdoor

Security Affairs

The BlackTech cyber-espionage group exploited the ASUS update process for WebStorage application to deliver the Plead backdoor. The cyber espionage group tracked as BlackTech compromised the ASUS update process for WebStorage application to deliver the Plead backdoor.

Hunting the ICEFOG APT group after years of silence

Security Affairs

A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. The group of hackers went dark just after Kaspersky shared the findings of its investigation in September 2013.

Recently discovered Hexane group targets the oil and gas industry

Security Affairs

Security researchers at Dragos Inc. have tracked the activity of a threat actor recently discovered and dubbed Hexane. “Dragos identified a new activity group targeting industrial control systems (ICS) related entities: HEXANE.”

Magecart Group Ups Ante: Now Goes After Admin Credentials

Threatpost

The group's skimmer has added some capabilities that steal credentials from admins.

Machete cyber-espionage group targets Latin America military

Security Affairs

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military.

Ransomware, Trojan and Miner together against “PIK-Group”

Security Affairs

Security expert Marco Ramilli analyzed a new piece of malware apparently designed to target PIK-Group that implements ransomware, Trojan, and Miner capabilities. which according to Google Translate would be: “PIK Group of Companies order details”.

Apple Disables Group FaceTime Following Major Privacy Glitch

Threatpost

The bug allows iPhone users to FaceTime other iOS users and eavesdrop on their conversations - even when the other end of the line doesn't pick up.

GreyEnergy cyberespionage group targets Poland and Ukraine

Security Affairs

Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Experts from ESET speculate the BlackEnergy threat actor evolved into two separate APT groups, namely TeleBots and GreyEnergy.

Group-IB Uncovers APT-attacks on Banks: The Sound of Silence

Security Affairs

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by the Silence cybercriminal group.

TA505 group updates tactics and expands the list of targets

Security Affairs

Recent campaigns show threat actors behind the Dridex and Locky malware families, the TA505 group, have updated their tactics and expanded their target list. The TA505 hacking group has been active since 2014, focusing on the retail and banking sectors.

Buckeye APT group used Equation Group tools prior to ShadowBrokers leak

Security Affairs

The China-linked APT group tracked as APT3 was using a tool attributed to the NSA-linked Equation Group more than one year prior to the Shadow Brokers leak. The APT3 cyberespionage group had been active since at least 2009 and its last operation was uncovered in mid-2017.

Facebook Let Dozens of Cybercrime Groups Operate in Plain Sight

WIRED Threat Level

Researchers found 74 groups offering stolen credit cards and hacking tools with simple Facebook searches. Who needs the dark web?

Facebook banned Archimedes Group, misinformation made in Israel

Security Affairs

A new political misinformation campaign was uncovered and blocked by Facebook; this time it was operated not by Russia but by Israel’s Archimedes Group. Facebook banned Archimedes Group and all of its subsidiaries from its social media platforms.

North Korea-linked group Lazarus targets Latin American banks

Security Affairs

According to security researchers at Trend Micro, the North Korea-linked APT group Lazarus recently targeted banks in Latin America. The North Korea-linked APT group Lazarus recently targeted banks in Latin America, Trend Micro experts reported.

Public Google Groups Leaking Sensitive Data at Thousands of Orgs

Threatpost

The exposed information includes accounts payable and invoice data, customer support emails, password-recovery mails, links to employee manuals, staffing schedules and other internal resources.

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Security Affairs

The popular US whistleblower Edward Snowden has reported the abuse of surveillance by many governments, and he blamed the Israeli company NSO Group for developing and selling surveillance software to Saudi Arabia. Speaking during a conference in Tel Aviv on Wednesday, Snowden explained that the spy software developed by NSO Group enabled the murder of dissident journalist Jamal Khashoggi.