APT Groups Planting Backdoors: Report

Data Breach Today

Researchers Say Groups With Apparent Ties to Iran Exploiting VPN Vulnerabilities Since August, security researchers have warned that attackers are targeting unpatched VPN servers with known vulnerabilities.

New Hacking Group Targets Gambling Firms: Report

Data Breach Today

APT Group Steals Source Code and Data, Not Money, Researchers Say A newly identified hacking group has been targeting gambling companies in Asia, the Middle East and Europe, using backdoors to steal source code and other data, according to new research from security firm Trend Micro

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft.

TA505 Group Hides Malware in Legitimate Certificates

Data Breach Today

APT Group Targets Banks With Backdoor Malware to Penetrate Networks TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. SecurityAffairs – Pacha Group, cryptocurrency miners).

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

S ome operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain.

Signal Tests Upgraded Cryptography for Groups Function

Threatpost

The secure messaging service is looking to address usability issues. Cryptography Privacy cryptography groups private groups secure messaging Signal usability

Magecart Group Continues Targeting E-Commerce Sites

Data Breach Today

Arxan Analyzes Vulnerabilities in Over 80 Sites Hit by 'Formjacking' Attacks In a series of recent attacks attributed to the umbrella criminal group known as Magecart, malicious JavaScript code was injected into over 80 e-commerce websites to steal credit card and other customer data, according to a new report from the security firm Arxan, which highlights the sites' vulnerabilities.

Alleged Member of Neo-Nazi Swatting Group Charged

Krebs on Security

An FBI affidavit unsealed this week identifies one member of the group as John William Kirby Kelley. “The group’s neo-Nazi ideology is apparent in the racial tones throughout the conversation logs,” the affidavit reads.

TA505 APT Group Returns With New Techniques: Report

Data Breach Today

Group Using HTML Redirectors to Deliver Malware After a hiatus, TA505 - a sophisticated APT group that has targeted financial companies and retailers in several countries, including the U.S. -

Retail 141

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

Security Affairs

vpnMentor researches have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak. Data leaked by the company could be used by attackers to gather information about hotels’ network and security measures implemented to protect them.

Unpatched VPN Servers Hit by Apparent Iranian APT Groups

Data Breach Today

Backdoored: Fortinet, Palo Alto and Pulse Secure VPN Servers; Citrix Gateways Unpatched Fortinet, Palo Alto and Pulse Secure VPN servers, as well as Citrix gateways, continue to be targeted by hackers, who are exploiting critical flaws to install backdoors inside corporate networks.

Chinese APT Group Began Targeting SSL VPN Flaws in July

Data Breach Today

Pulse Secure and Fortinet Released Critical Fixes Months Ago, But Patching Lags A hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious flaws in Pulse Secure and Fortinet SSL VPNs for more than six weeks, security experts warn.

M6 Group, largest France private multimedia group, hit by ransomware attack

Security Affairs

The M6 Group, the largest France private multimedia group, was the victim of ransomware over the weekend. Le Groupe M6 a été la cible samedi matin d’une attaque informatique malveillante. — Groupe M6 (@M6Groupe) October 13, 2019.

WhatsApp Fixes Yet Another Group Chat Security Gap

WIRED Threat Level

The flaw would have given attackers an avenue for crashing the app—every time a user opened an infected group thread. Security Security / Cyberattacks and Hacks

Toyota Australia, Healthcare Group Hit By Cyberattacks

Data Breach Today

Country Has Faced a Series of Security Incidents in Recent Weeks Australia has faced a few tough weeks on the cybersecurity front. A healthcare group acknowledged it was the victim of a ransomware attack. Toyota Australia's computer systems were still down Friday after an attempted cyberattack. And last week, suspected nation-state attackers hit Parliament's email systems

Chinese APT Group Targets Mobile Networks: FireEye Mandiant

Data Breach Today

New Malware 'Messagetap' Intercepts Communications for Espionage, Researchers Say The Chinese advanced threat group APT41 is using a new espionage tool to intercept SMS messages from specific phone numbers by infecting mobile telecommunication networks, according to the security firm FireEye Mandiant.

MoleRATs APT group targets Palestinian territories

Security Affairs

Security experts uncovered a new cyberespionage campaign conducted by one of the Gaza Cybergang groups (aka MoleRATs) targeting the Middle East. The post MoleRATs APT group targets Palestinian territories appeared first on Security Affairs.

IT 78

Lotsy group targets Italian and Spanish-speaking users

Security Affairs

Group-IB discovered massive fraudulent campaigns carried out by Lotsy group involving the use of dozens of well-known brands aimed at Italian and Spanish-speaking customers. Group-IB’s Brand Protection team has detected a total of 114 related fake web-resources involved in the scheme.

Retail 101

Facebook Fixes WhatsApp Group Chat Security Issue

Dark Reading

Flaw allowed attackers to repeatedly crash group chat and force users to uninstall and reinstall app, Check Point says

Democratic Campaign Group Left 6 Million Emails Exposed

Data Breach Today

UpGuard Finds Misconfigured Amazon S3 Bucket Left Addresses Exposed Security firm UpGuard found that a misconfigured Amazon S3 bucket belonging to the Democratic Senatorial Campaign Committee left the email addresses of more than 6 million U.S. The bucket has since been secured

Toll Group shuts down some online systems after ransomware attack

Security Affairs

The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services. The company published a security breach notice on its website the same day, but it provided further details some days later.

'Fancy Bear' Hacking Group Adds New Capabilities, Targets

Data Breach Today

Russian Group Uses Revamped Backdoor to Target Embassies, Researchers Say The Russia-based cyberespionage group Fancy Bear, which has led high-profile cyberattacks against governments and embassies over the last several years, has launched a phishing campaign that includes a redesigned backdoor, according to research from security firm ESET.

DRBControl cyber-espionage group targets gambling, betting companies

Security Affairs

The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Trend Micro experts believe that this is the first time that the DRBControl group is tracked by the security experts.

WhatsApp Spyware Attack: Uncovering NSO Group Activity

Threatpost

John Scott-Railton with Citizen Lab, who helped WhatsApp investigate the NSO Group over the alleged WhatsApp hack, said the subsequent lawsuit is a "certified big deal.".

The Radisson Hotel Group has suffered a data breach

Security Affairs

The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident has happened on September 11, but the IT staff at the Radisson Hotel Group identified it only on October first.

Robots at HIS Group are vulnerable to hack

Security Affairs

The Japanese hotel chain HIS Group admitted that its in-room robots were vulnerable and could allow hackers to remotely view video footage from the devices. The HIS Group hotel chain has 10 locations in Japan that used robots instead of human personnel to provide some services.

Experts believe the Magecart Group 5 could be linked to the Carbanak APT

Security Affairs

Security experts linked the Magecart group 5 to the infamous Dridex banking Trojan and the Carbanak cybercrime group. Hacker groups under the Magecart umbrella continue to target to steal payment card data with so-called software skimmers.

Xenotime Group Sets Sights on Electrical Power Plants

Data Breach Today

Trisis Malware Creator Moves Beyond Oil and Gas Industry Xenotime, the group suspected of launching the Trisis malware attack in Saudi Arabia during 2017, has over the past few months shifted its focus beyond the oil and gas industry to target electrical plants and utilities, security firm Dragos reports.

Experts found a link between a Magecart group and Cobalt Group

Security Affairs

Researchers from MalwareBytes and HYAS Threat Intelligence linked one of the hacking groups under the Magecart umbrella to the notorious Cobalt cybercrime Group. Security firms have monitored the activities of a dozen groups at least since 2010.

AccorHotels subsidiary Gekko Group exposes hotels and travelers data in massive data leak

Security Affairs

Security experts from vpnMentor discovered that Gekko Group, an AccorHotels subsidiary, exposes hotels and travelers in a massive data leak. vpnMentor discovered a database exposed online that contained over 1 terabyte of data from Gekko Group brands and their clients.

B2B 83

Microsoft sued North Korea-linked Thallium group

Security Affairs

Microsoft sued a North Korea-linked cyber espionage group tracked as Thallium for hacking into its customers’ accounts and networks via spear-phishing attacks. The Thallium APT group aimed at stealing sensitive accounts from Microsoft accounts.

Russian APT groups target European governments ahead of May Elections

Security Affairs

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. According to experts from FireEye, Russia-linked APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) and Sandworm Team (also TeleBots ) cyberespionage groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. SecurityAffairs – Russian APT group, cyberespionage).

A Chief Security Concern for Executive Teams

Krebs on Security

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. That’s because very few of the world’s biggest companies list any security executives in their highest ranks.

Russia-Linked Cyber Espionage Group APT29 Remains Active

Data Breach Today

Researchers Tie 'Operation Ghost' Activity to The Dukes, aka Cozy Bear and APT29 While the Russian-linked hacking group known as The Dukes, Cozy Bear and APT29 in recent years appeared to have gone somewhat quiet, researchers from ESET report that the hackers have been targeting various European embassies and ministries as part of what the security firm dubs "Operation Ghost."

Members of Chinese Espionage Group Develop a 'Side Business'

Data Breach Today

FireEye Reports Some Hackers Target Gaming Industry for Financial Gain Some members of a hacking group with ties to China's government that's primarily known for its complex cyberespionage campaigns have developed a side business targeting the global gaming industry for financial gain, the security firm FireEye says.

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media.

Mining 103