2018, Government and Retail - Information Management Today

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. Pierluigi Paganini.

Government

Government Computer and Electronics Archiving Phishing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. In late July 2020, Crowdstrike spotted a threat actor associated with PIONEER KITTEN that was attempting to sell access to compromised networks on an underground forum.

Access

Access Financial Services Retail Insurance

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. ” reads the advisory published by Fortinet. in MVPower CCTV DVR models.

Authentication

Authentication Retail Education Marketing

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

Government experts analyzed 10 samples of malware involved in FASTCash attacks, state-sponsored hackers used them to compromise payment “switch application servers” within the targeted banks to facilitate fraudulent transactions. ” states the report. Further details, including IoCs, are reported in the alert.

Retail

Retail Libraries Government Phishing

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

The Australian government considers risky the involvement of Huawei for the rolling out of next-generation 5G communication networks. — Huawei Australia (@HuaweiOZ) August 22, 2018. The Chinese firm denies having shared Australian customer data with the Chinese intelligence, but it is not enough for the Australian Government.

Security

Security Military Manufacturing Retail

Digital Transformation In Retail: The Retail Apocalypse

erwin

FEBRUARY 21, 2019

Much like the hospitality industry , digital transformation in retail has been a huge driver of change. One important fact is getting lost among all of the talk of “the retail apocalypse” and myriad stories about increasingly empty shopping malls: there’s a lot of money to be made in retail.

Digital transformation

Digital transformation Retail e-Delivery Customer Experience

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. Joker’s sold cards stolen in a steady drip of breaches at U.S. This batch of some five million cards put up for sale Sept.

Ransomware

Ransomware Retail Government Sales

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018. As for 2019, it has become the year of covert military operations in cyberspace.

IT

IT Military Cybersecurity Phishing

Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks

Security Affairs

NOVEMBER 12, 2018

UK retailer Matalan, US publisher Pantheon Books, and official government Twitter accounts such as the Ministry of Transportation of Colombia and the National Disaster Management Authority of India.) iht Coign BSc (Hons) (@abztrdr) November 5, 2018. in a simple as effective scam scheme. tweet: [link].

Retail

Retail Government Security

Breach at Cloud Solution Provider PCM Inc.

Krebs on Security

JUNE 27, 2019

based PCM [ NASDAQ:PCMI ] is a provider of technology products, services and solutions to businesses as well as state and federal governments. billion in revenue in 2018. El Segundo, Calif. PCM has nearly 4,000 employees, more than 2,000 customers, and generated approximately $2.2 earlier this year.

Cloud

Cloud Retail Access Government

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

JULY 29, 2020

banks took years to replace their customer card stocks with chip-enabled cards, and countless retailers dragged their feet in updating their payment terminals to accept chip-based cards. In 2015, the major credit card associations instituted new rules that made it riskier and potentially more expensive for U.S.

Sales

Sales Retail Military Paper

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

. “A source in the cyber-security community who agreed to contact the seller to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts, the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.” ” reported ZDNet.

Sales

Sales Access Retail Data collection

Retailers increase cyber security spending, but attacks continue to rise

IT Governance

APRIL 3, 2019

The UK’s biggest retailers are spending more than ever on cyber security but are continuing to see an alarming rise in cyber attacks and data breaches due to the ever-evolving threat landscape, a report has found. Are retailers investing wisely? What are the biggest threats? Where can you start?

Retail

Retail Security Data breaches Government

It’s time to think twice about retail loyalty programs

Thales Cloud Protection & Licensing

DECEMBER 11, 2018

As I was starting to write this blog, yet another retail program data breach occurred, for Marriott’s Starwood loyalty program. What I’d originally planned to write about was a topic that directly applies – why retailers of all stripes are not investing in data security. But none of these reasons rose to the top in retail.

Retail

Retail Data breaches Encryption Mining

List of data breaches and cyber attacks in September 2018 – 925,633,824 records leaked

IT Governance

SEPTEMBER 27, 2018

privacy officials look into data breach involving bankrupt computer retailer. Government transparency site revealed Social Security numbers, other personal info. Cyber-attack at fashion website SheIn.com hits 6.4m UNITED NATIONS ACCIDENTALLY EXPOSED PASSWORDS AND SENSITIVE INFORMATION TO THE WHOLE INTERNET.

Data breaches

Data breaches Passwords Ransomware Phishing

How data breaches are affecting the retail industry

IT Governance

AUGUST 21, 2018

Only time will tell – and we may not have to wait long – but in the meantime, what is the impact of data breaches in the retail industry, and what needs to be done to mitigate them? According to the 2018 Cost of a Data Breach Study by Ponemon Institute , the average cost of a data breach is $3.86 million users was compromised.

Retail

Retail Data breaches GDPR Compliance

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

Data Matters

FEBRUARY 13, 2018

On February 7, 2018, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. 1 As has been widely reported, the Exam Priorities’ general focus areas include: retail investors. 1 As has been widely reported, the Exam Priorities’ general focus areas include: retail investors. cybersecurity. cybersecurity.

Compliance

Compliance Retail Cybersecurity Risk

Q&A: Reddit breach shows use of ‘SMS 2FA’ won’t stop privileged access pillaging

The Last Watchdog

SEPTEMBER 24, 2018

This summer alone, in the wake of the Reddit hack, British mobile phone retailer Carphone Warehouse , ticketing giant Ticketmaster, telecom company T-Mobile and British Airways disclosed huge data compromises of similar scale and methodology. And just last week, online retailer Newegg was hit by the same gang that nicked British Airways.

Access

Access Authentication Retail Cloud

Cybersecurity Identified as an SEC OCIE Examination Priority for 2018

Data Matters

FEBRUARY 19, 2018

On February 7, 2018, the SEC’s Office of Compliance Inspections and Examinations (OCIE) released its 2018 National Exam Program Examination Priorities (2018 Exam Priorities) and, once again, identified cybersecurity as one of its main areas of focus.

Cybersecurity

Cybersecurity Risk Compliance Marketing

Protect yourself and your customers from formjacking

IT Governance

MARCH 5, 2019

Online retailers and other organisations using ecommerce functionality must prepare for the threat of formjacking, Symantec has warned , after detecting 3.7 million instances of the attack method in 2018. This involves exploiting a vulnerability in a system that’s used to provide services to a third party. Who is behind the attacks?

Retail

Retail Government IT Security

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

The Last Watchdog

OCTOBER 16, 2019

Related: Cyber risks spinning out of IoT Credential stuffing and account takeovers – which take full advantage of Big Data, high-velocity software, and automation – inundated the internet in massive surges in 2018 and the first half of 2019, according to multiple reports.

Big data

Big data Passwords Digital transformation Data breaches

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

I was recently privileged to be part of a group of journalists covering the 2018 North American International Cyber Summit at Detroit’s Cobo Convention Center. (Michigan’s other nickname, by the way, is the Mitten State, referring to the shape of the larger of its two main peninsulas.). Cobo Center.

Cybersecurity

Cybersecurity Military Education Government

Respecting Privacy and Data Protection: World Consumer Rights Day

Thales Cloud Protection & Licensing

MARCH 14, 2023

It’s estimated that more than 20% of retail sales will come from eCommerce in 2023 (rising to nearly 25% in 2026), illustrating the magnitude of digital transactions. It’s not only consumers and retailers taking notice of this trend, of course. Privacy and data protection are not the only things consumers expect from a retailer.

Privacy

Privacy Retail Customer Experience B2C

In a Few Days, Credit Freezes Will Be Fee-Free

Krebs on Security

SEPTEMBER 10, 2018

21, 2018 it will be free to freeze and unfreeze your credit file and those of your children or dependents throughout the United States. Currently, many states allow the big three bureaus — Equifax , Experian and TransUnion — to charge a fee for placing or lifting a security freeze.

Access

Access Security Military Retail

An Exponential Moment and the Untapped Power of Incumbents

AIIM

MARCH 22, 2018

I was reflecting a bit on some of the themes raised by Ginni Rometty, CEO of IBM, during her opening keynote at Think 2018 and their alignment with some of the concepts we at AIIM have been raising over the past year under the banner of Intelligent Information Management. We’re going to be talking about a lot of these issues at AIIM 2018.

Retail

Retail Records Management Paper Government

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

The Last Watchdog

MAY 2, 2019

Certain verticals, namely the government and transportation sectors, gave themselves a positive preparedness rating; meanwhile the hospitality, legal and retail sectors were much less positive about their cybersecurity preparedness.

Risk

Risk Cybersecurity Passwords Ransomware

Digital Transformation Examples: How Data Is Transforming the Hospitality Industry

erwin

FEBRUARY 14, 2019

There’s one industry we’re all familiar with that welcomes billions of global customers every year; that’s in the midst of a strong economic run; is dealing with high-profile disruptors; and suffered a very public data breach to one of its storied brands in 2018 that raised eyebrows around the world. It is a strategy.

Digital transformation

Digital transformation Customer Experience Data breaches Retail

SEC Announces Examination Priorities for 2019

Data Matters

JANUARY 16, 2019

On December 20, 2018, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. In fiscal year (FY) 2018, the OCIE National Exam Program examined approximately 17 percent of SEC-registered advisers (RIAs), up from 15 percent during FY 2017 and 11 percent during FY 2016. Continued Focus on Retail Investors.

Retail

Retail Risk Compliance Marketing

List of data breaches and cyber attacks in December 2019 – 627 million records breached

IT Governance

JANUARY 3, 2020

Hackers break into government system used by the country’s schools (unknown). Singapore-based retailer Love, Bonito apologises to customers after malware infection (unknown). Chinese government-linked hacking group has been bypassing 2FA in a wave of attacks (unknown). Galt, CA, government suffers ransomware attack (unknown).

Data breaches

Data breaches Ransomware Phishing Government

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

According to a recent Ponemon Institute study , some 59% of companies experienced a third-party data breach in 2018, yet only 16% believe they are effectively mitigating third-party risk. Third-party cyber risks are likely to persist at the current scale for a while longer.

Risk

Risk Financial Services Insurance Data breaches

JavaScript keylogger sees Vision Direct’s customer data stolen

IT Governance

NOVEMBER 19, 2018

Between 12.11am GMT 3rd November 2018 and 12.52pm GMT 8th November, the personal and financial details of some of our customers ordering or updating their information on visionDirect.co.uk Bad Packets Report (@bad_packets) November 18, 2018. was compromised,” said a statement on its website.

Analytics

Analytics Data breaches Archiving Passwords

Card Factory allowed customer photos to be exposed publicly

IT Governance

OCTOBER 19, 2018

According to Mashable, Card Factory became aware of the error on 8 October 2018 but didn’t immediately rectify it. The issue demonstrates how easy it is for retailers to experience cyber security incidents, and how important it is that they are prepared to respond. It’s fairly common and totally unacceptable.”.

Retail

Retail Data breaches Personal data GDPR

GDPR fines are coming and here’s why

IT Governance

APRIL 23, 2019

Experts have been warning organisations about this since long before the Regulation took effect on 25 May 2018, but their advice has started to fall on deaf ears. For instance, an investigation into the pregnancy and parenthood advice club Bounty UK was launched on 30 April 2018 and concluded last week with the ICO issuing a £400,000 fine.

GDPR

GDPR Personal data Compliance Retail

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). They also stated the hypothesis of possible overlaps with the Gorgon APT group, but no clear evidence confirmed that.

Manufacturing

Manufacturing e-Delivery IT Security

The Business of Data Newsletter – Issue 7 (7 December 2018)

Information Matters

DECEMBER 7, 2018

UK consumers threaten data breach backlash – Computer Weekly, 5 December 2018. Retailers are most at risk globally, with 62% of respondents willing to walk away after a data breach, followed by banks (59%) and social media sites (58%), according to a survey of 10,500 consumers by digital security firm Gemalto.”

IoT

IoT Blockchain Personal data Analytics

Lessons from the Eurostar hack

IT Governance

NOVEMBER 16, 2018

Last month, cross-Channel rail service Eurostar discovered that it had suffered a hacking attempt between 15 and 19 October 2018. The post Lessons from the Eurostar hack appeared first on IT Governance Blog. Would your organisation be able to identify and contain a breach effectively? Find out now.

Data breaches

Data breaches Passwords GDPR Access

The time for government blockchain proofs of concept is now

CGI

MAY 15, 2018

The time for government blockchain proofs of concept is now. Tue, 05/15/2018 - 06:29. Many government agencies also have been wading deeper into the blockchain waters. As of January 2018, ISO/AWI 22739 related to blockchain and distributed ledger technologies (DLTs) is in the preparation phase. For example, the U.S.

Blockchain

Blockchain Government Digital transformation Consumer Services

Have I Been Pwned is Now Partnering With 1Password

Troy Hunt

MARCH 29, 2018

— Dan Blank (@danblank000) March 20, 2018. — Brian Ford (@BrianPFord) March 9, 2018. — Edward Deaver (@EdwardCDeaver) March 10, 2018. I've never received either product for free (I've paid retail prices for both for years), and I've never been paid to endorse either of them. Thanks for all your work!

Passwords

Passwords Data breaches IT Security

Catches of the month: Phishing scams for December 2019

IT Governance

DECEMBER 10, 2019

It identified a 100% increase in financial losses between May 2018 and June 2019. But surprisingly, the most common type of scam this year didn’t involve online retailers like Amazon but physical shops offering in-store bargains. The post Catches of the month: Phishing scams for December 2019 appeared first on IT Governance UK Blog.

Phishing

Phishing Retail IT Security

Weekly podcast: ICANN, DNS and DNSSEC; credential stuffing; passwords managers; and EDPS report

IT Governance

FEBRUARY 28, 2019

This week, we discuss ICANN’s warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers’ responses to recent research into security flaws, and the European Data Protection Supervisor’s annual report for 2018. Here are this week’s stories. data-protection.

Passwords

Passwords GDPR Retail Government

Consumers have their Say about Protection of Personal Data – Call for More Stringent Controls

Thales Cloud Protection & Licensing

OCTOBER 10, 2022

We live in a digital world in which we engage with significant social, government, retail, business and entertainment services now delivered without any direct human service management. The report provides novel and important insights for businesses, governments, academics and citizens. Governments need to take action.

Personal data

Personal data Data breaches Government Authentication

Best Managed Security Service Providers (MSSPs)

eSecurity Planet

JANUARY 27, 2022

billion by 2026, driven not only by remote working and growing cyber threats but also by a massive cybersecurity skills shortage , the demands of government regulations , and the simple cost benefits of outsourcing. Use Cases: Companies and governments in U.K., Use Cases: Mid-sized, enterprise, and government organizations.

Security

Security Cloud Compliance Analytics

Customers lose confidence – data breaches aren’t just about fines

IT Governance

DECEMBER 6, 2018

Data breaches are now a common occurrence – big-name brands affected in 2018 include FIFA , British Airways , Vision Direct , Eurostar and Marriott. A 2018 survey revealed that SMEs are unprepared for cyber attacks despite 25% of them believing it is a matter of ‘when, not if’.

Data breaches

Data breaches GDPR Risk Security

Croatia government agencies targeted with news SilentTrinity malware

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Webinars

Trending Sources

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Webinars

Fortinet warns of a spike in attacks against TBK DVR devices

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Australia banned Huawei from 5G network due to security concerns

Digital Transformation In Retail: The Retail Apocalypse

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Group-IB presents its annual report on global threats to stability in cyberspace

Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks

Breach at Cloud Solution Provider PCM Inc.

Here’s Why Credit Card Fraud is Still a Thing

Hundreds of C-level executives credentials available for $100 to $1500 per account

Retailers increase cyber security spending, but attacks continue to rise

It’s time to think twice about retail loyalty programs

List of data breaches and cyber attacks in September 2018 – 925,633,824 records leaked

How data breaches are affecting the retail industry

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

Q&A: Reddit breach shows use of ‘SMS 2FA’ won’t stop privileged access pillaging

Cybersecurity Identified as an SEC OCIE Examination Priority for 2018

Protect yourself and your customers from formjacking

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

Respecting Privacy and Data Protection: World Consumer Rights Day

In a Few Days, Credit Freezes Will Be Fee-Free

An Exponential Moment and the Untapped Power of Incumbents

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

Digital Transformation Examples: How Data Is Transforming the Hospitality Industry

SEC Announces Examination Priorities for 2019

List of data breaches and cyber attacks in December 2019 – 627 million records breached

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

JavaScript keylogger sees Vision Direct’s customer data stolen

Card Factory allowed customer photos to be exposed publicly

GDPR fines are coming and here’s why

Cyber-Criminal espionage Operation insists on Italian Manufacturing

The Business of Data Newsletter – Issue 7 (7 December 2018)

Lessons from the Eurostar hack

The time for government blockchain proofs of concept is now

Have I Been Pwned is Now Partnering With 1Password

Catches of the month: Phishing scams for December 2019

Weekly podcast: ICANN, DNS and DNSSEC; credential stuffing; passwords managers; and EDPS report

Consumers have their Say about Protection of Personal Data – Call for More Stringent Controls

Best Managed Security Service Providers (MSSPs)

Customers lose confidence – data breaches aren’t just about fines

Stay Connected