2019, Retail and Security - Information Management Today

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores. Pierluigi Paganini.

Retail

Retail Ransomware Encryption IT

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Security Affairs

DECEMBER 17, 2019

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. “Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a leak in a database belonging to the online retailer LightInTheBox.” concludes the post.

Retail

Retail e-Discovery Data breaches Archiving

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . The following graph shows that three trading posts accounted for 64 percent of the cards on offer during the first half of 2019. . AMEX accounted for 12 percent. .

Marketing

Marketing Sales Encryption Retail

Retail in 2019 needs security precautions

Thales Cloud Protection & Licensing

DECEMBER 28, 2018

As the retail industry follows suit with today’s digital transformation, customer expectations are at an all-time high. Retailers are looking to address these demands with interconnected experiences to give customers more personalized and immediate experiences both in-stores and online. The numbers don’t lie.

Retail

Retail Customer Experience Security Data breaches

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. Sansec researchers reported that North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year. and Europe for at least a year.

Retail

Retail Phishing Marketing IT

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019. This enhancement appeared in the middle of September 2019.

Ransomware

Ransomware Retail Phishing Encryption

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. billion in revenue for 2019. Luxottica Group S.p.A. Pierluigi Paganini.

Retail

Retail Manufacturing Ransomware Security

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Security firms have monitored the activities of a dozen groups at least since 2010. . The malware was completely removed on November 11, 2019.

Data breaches

Data breaches Retail Cloud Insurance

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. ” reads the announcement published on the website.

Passwords

Passwords Security Retail Personal data

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

Toymaker giant Mattel disclosed a ransomware attack

Security Affairs

NOVEMBER 4, 2020

billion in revenue for 2019. The company filed a 10-Q form with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. The post Toymaker giant Mattel disclosed a ransomware attack appeared first on Security Affairs. ” reads the 10-Q form. Pierluigi Paganini.

Ransomware

Ransomware Retail Encryption IT

Wawa card breach: 30 million card records for sale in the dark web

Security Affairs

JANUARY 29, 2020

In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this breach is potentially one of the biggest card incidents in 2019. ” concludes Gemini.

Sales

Sales Data breaches Retail Security

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

” reads a security breach notice published by the company on its website. “Market supply is secure. Fuel sales at our retail locations continue unhindered. All payments are secure, whether it is a cash payment, an INA card or a bank card. INA is taking steps to remedy the system’s hassle.”

Ransomware

Ransomware Encryption Retail Sales

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. billion in revenue for 2019. Luxottica Group S.p.A. Pierluigi Paganini.

Ransomware

Ransomware IT Retail Manufacturing

Security Affairs newsletter Round 245

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. A study reveals the list of worst passwords of 2019. Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs. Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions. A new round of the weekly newsletter arrived!

Security

Security Ransomware Passwords Data breaches

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Krebs on Security

NOVEMBER 26, 2019

The other three restaurants are all part of the same parent company and disclosed breaches in August 2019. Focus Brands (which owns Moe’s, McAlister’s, and Schlotzsky’s) was breached between April and July 2019, and publicly disclosed this on August 23. Krystal announced a card breach last month. percent worldwide.

Sales

Sales Marketing Retail Security

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.”

Retail

Retail Phishing Ransomware Access

Threat Report Portugal Q1 2020

Security Affairs

APRIL 20, 2020

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. For more details about this threat, please access the Threat Report: Emotet Triple Chain Analysis 2019 – Portugal. Malware by Numbers.

Phishing

Phishing Retail Security awareness Data collection

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Security Affairs

JUNE 17, 2021

The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakç?l, l, has found a major breach in popular online retailer Cosmolog Kozmetik’s database. Hundreds of thousands of users were compromised in the breach. What’s Happening?

Data breaches

Data breaches Retail Privacy Risk

Lumber Liquidators hit by malware attack that took down its network

Security Affairs

AUGUST 29, 2019

Lumber Liquidators, a leading specialty retailer of hard-surface flooring in North America, announced that a malware attack took down its network. North American hard-surface flooring retailer Lumber Liquidators revealed that it was victim of a security incident, a malware-based attack took down part of its network for nearly a week. .

IT

IT Retail Security Information Security

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Krebs on Security

JANUARY 28, 2020

In late December 2019, fuel and convenience store chain Wawa Inc. The fraud bazaar Joker’s Stash on Monday began selling some 30 million stolen payment card accounts that experts say have been tied back to a breach at Wawa in 2019. Gemini monitors multiple carding sites like Joker’s Stash.

Sales

Sales Retail Security Encryption

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. Extra security measures have been taken to protect (scientific) data. ” N ow all critical systems at the University are online and offline backups were secured by the company.

Ransomware

Ransomware Encryption Passwords Retail

Payment card breach potentially impacts all locations of Wawa convenience store

Security Affairs

DECEMBER 20, 2019

Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this breach is potentially one of the biggest card incidents in 2019. We continue to take steps to enhance the security of our systems.”

Data breaches

Data breaches Retail Information Security Security

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

According to industry researchers, TA505 is known to have carried out attacks on banks, medical institutions retailers and other businesses in the past. MainModule can be explained by the gang’s attempts to avoid detection as a result of being in the spotlight of security researchers for some time now.” ProxyBot and Silence.

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Threat Report Portugal: Q4 2020

Security Affairs

JANUARY 26, 2021

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Next, was Retail and Technology, as the most sectors affected in this season. Phishing and Malware Q4 2020. Threats by Sector.

Phishing

Phishing Retail Security awareness Data collection

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. In June, security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware.

Ransomware

Ransomware Retail Manufacturing Encryption

Breach at Dickey’s BBQ Smokes 3M Cards

Krebs on Security

OCTOBER 15, 2020

Today, the company shared a statement saying it was aware of a possible payment card security incident at some of its eateries: “We received a report indicating that a payment card security incident may have occurred. Q6Cyber CEO Eli Dominitz said the breach appears to extend from May 2019 through September 2020.

Sales

Sales Data breaches Retail Ransomware

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Next, was Retail and Financing, as the most sectors affected in this season. Phishing and Malware Q2 2020. Threats by Sector.

Phishing

Phishing Data collection Retail Security awareness

FBI warns US organizations of ProLock ransomware decryptor not working

Security Affairs

MAY 18, 2020

issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. The PwndLocker ransomware first appeared in the threat landscape by security researchers in late 2019, operators’ demands have ranged from $175,000 to more than $660,000 worth of Bitcoin.

Ransomware

Ransomware Retail Access Security

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

“The group’s shifting monetization methods—from point-of-sale (POS) malware in 2018, to ransomware in 2019, and hybrid extortion in 2020—is part of a larger trend in which criminal actors have increasingly focused on post-compromise ransomware deployment and data theft extortion.” ” reads the analysis published by FireEye.

Ransomware

Ransomware IT Healthcare Phishing

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace.

IT

IT Military Cybersecurity Phishing

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. CVE-2019-7256 is actively being exploited by DDoS botnet operators.

Access

Access Passwords Risk Retail

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. The sophisticated phishing campaign exploits the reputation of international brands and targets businesses in multiple industries, including retail, banking, travel, and energy. .”

Phishing

Phishing Retail Security IT

Retailers Face Many Challenges, Data Security Doesn’t Have to be One of the Them

Thales Cloud Protection & Licensing

SEPTEMBER 24, 2019

Retailers and shoppers are leveraging and enjoying many benefits data sharing brings: loyalty programs, personalized experiences, easier product location and ordering, online shopping, mobile access and the list goes on. Unfortunately, this results in retailers as a top target for cyberattacks. Business is booming and data is flowing.

Retail

Retail Digital transformation Security Encryption

Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API

Security Affairs

JUNE 18, 2019

In August 2016, security expert Martin Vigo devised a method to abuse an optional SMS-based feature that allowed users to authorize payments by replying to an SMS message with a provided 6-digit code. The post Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API appeared first on Security Affairs.

Retail

Retail Privacy Access Security

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

JULY 29, 2020

In October 2019, someone hacked BriansClub , a popular stolen card bazaar that uses this author’s likeness and name in its marketing. McCoy and fellow NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale.

Sales

Sales Retail Military Paper

Oracle critical patch advisory addresses 284 flaws, 33 critical

Security Affairs

JANUARY 18, 2019

Oracle released the first critical patch advisory for 2019 that addresses a total of 284 vulnerabilities, 33 of them are rated “critical”. The flaw also affected the Financial Services Analytical Applications Infrastructure, the Fusion Middleware MapViewer, and four three Oracle Retail components. Pierluigi Paganini.

Financial Services

Financial Services Libraries Mining Retail

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

“A source in the cyber-security community who agreed to contact the seller to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts, the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.” ” reported ZDNet. Pierluigi Paganini.

Sales

Sales Access Retail Data collection

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

Security Affairs

JULY 15, 2019

Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. This new variant was behind a series of ransomware campaigns beginning in June 2019, including attacks against the City of Edcouch, Texas and the Chilean Ministry of Agriculture.” ” continues the analysis.

Ransomware

Ransomware Encryption Agriculture Retail

Retailers increase cyber security spending, but attacks continue to rise

IT Governance

APRIL 3, 2019

The UK’s biggest retailers are spending more than ever on cyber security but are continuing to see an alarming rise in cyber attacks and data breaches due to the ever-evolving threat landscape, a report has found. Are retailers investing wisely? What are the biggest threats? Where can you start?

Retail

Retail Security Data breaches Government

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Krebs on Security

APRIL 29, 2022

Its homepage includes a copy of my credit report, Social Security card, phone bill, and a fake but otherwise official looking government ID card. Briansclub updated its homepage with this information in 2019, after it got massively hacked and a copy of its customer database was shared with this author.

Search queries

Search queries Retail Government Marketing

T-Mobile Investigating Claims of Massive Data Breach

Krebs on Security

AUGUST 16, 2021

They claim one of those databases holds the name, date of birth, SSN, drivers license information, plaintext security PIN, address and phone number of 36 million T-Mobile customers in the United States — all going back to the mid-1990s. In at least one case , retail store employees were complicit in the account takeovers.

Data breaches

Data breaches Access Retail Personal data

Taking Stock of Your Data Security to Deliver a Happy Holiday Shopping Season

Thales Cloud Protection & Licensing

NOVEMBER 26, 2019

Originally published in Security Magazine on November 20, 2019. This is a problem facing nearly every industry, but retailers remain a top target for cybercrime. According to the 2019 Thales Data Threat Report-Retail Edition , 62 percent of U.S. Read the full article in Security Magazine.

Retail

Retail Security

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Webinars

Trending Sources

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Webinars

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Retail in 2019 needs security precautions

North Korean Lazarus APT stole credit card data from US and EU stores

Report: Threat of Emotet and Ryuk

Hackers hit Luxottica, production stopped at two Italian plants

US-based children’s clothing maker Hanna Andersson discloses a data breach

Bodybuilding.com forces password reset after a security breach

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Toymaker giant Mattel disclosed a ransomware attack

Wawa card breach: 30 million card records for sale in the dark web

Croatia’s largest petrol station chain INA group hit by ransomware attack

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs newsletter Round 245

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Russian TA505 threat actor target financial entities worldwide

Threat Report Portugal Q1 2020

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Lumber Liquidators hit by malware attack that took down its network

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Maastricht University finally paid a 30 bitcoin ransom to crooks

Payment card breach potentially impacts all locations of Wawa convenience store

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Threat Report Portugal: Q4 2020

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Breach at Dickey’s BBQ Smokes 3M Cards

Threat Report Portugal: Q2 2020

FBI warns US organizations of ProLock ransomware decryptor not working

FIN11 gang started deploying ransomware to monetize its operations

Group-IB presents its annual report on global threats to stability in cyberspace

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

China-based Fangxiao group behind a long-running phishing campaign

Retailers Face Many Challenges, Data Security Doesn’t Have to be One of the Them

Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API

Here’s Why Credit Card Fraud is Still a Thing

Oracle critical patch advisory addresses 284 flaws, 33 critical

Hundreds of C-level executives credentials available for $100 to $1500 per account

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

Retailers increase cyber security spending, but attacks continue to rise

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

T-Mobile Investigating Claims of Massive Data Breach

Taking Stock of Your Data Security to Deliver a Happy Holiday Shopping Season

Stay Connected