Analysis, Retail and Security - Information Management Today

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Security Affairs

SEPTEMBER 19, 2018

Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Pierluigi Paganini.

Retail

Retail Computer and Electronics Data breaches Security

Analysis: Why Regulators Got Tough With H&M

Data Breach Today

OCTOBER 9, 2020

The latest edition of the ISMG Security Report analyzes why clothing retailer H&M was hit with a hefty fine for violating the EU's General Data Protection Rule. Also featured: The coming of age of digital identities; deputy CSO at Mastercard on top priorities for 2021.

Retail

Retail Security

Analysis: Fat Face's Awkward Breach Notification

Data Breach Today

APRIL 2, 2021

The latest edition of the ISMG Security Report features an analysis of retailer Fat Face’s awkward "strictly private and confidential" data breach notification. Also featured: Discussions on the ethics of buying leaked data and the rise of central bank digital currencies.

Retail

Retail Data breaches Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Being Used to Phish So Many of Us?

Security

Security Ransomware Data breaches IoT

Evolve Bank data breach impacted over 7.6 million individuals

Security Affairs

JULY 9, 2024

The analysis of the data leaked by the LockBit group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust. Evolve Bank & Trust published a notice on its website to confirm the security breach and announced it has launched an investigation into the incident. million individuals.

Data breaches

Data breaches Retail Cybersecurity Ransomware

Evolve Bank data breach impacted fintech firms Wise and Affirm

Security Affairs

JULY 2, 2024

The analysis of the data leaked by the LockBit group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust. Evolve Bank & Trust published a notice on its website to confirm the security breach and announced it has launched an investigation into the incident.

Data breaches

Data breaches Retail Cybersecurity IT

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

This ransomware strain emerged in September 2020, but the threat actors behind already managed to lock quite big companies, such as game developers Crytek, booksellers Barnes & Noble, and most recently a retail giant Cencosud from Chile. of victims) and Retail (14.5%). ProLock = Egregor. Inside Egregor. Pierluigi Paganini.

Ransomware

Ransomware Retail Encryption Manufacturing

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” ” reads the analysis published by Anomali. Follow me on Twitter: @securityaffairs and Facebook.

Retail

Retail Sales Phishing IT

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches

Data breaches Retail Education Ransomware

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. domains were used in malware campaigns, through the analysis of the first to the third quarter of 2019,” he concludes. pt) and the kind of the malware used to perform these attacks.

Ransomware

Ransomware Retail Phishing Encryption

Sugar Ransomware, a new RaaS in the threat landscape

Security Affairs

FEBRUARY 2, 2022

Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model. Pierluigi Paganini.

Ransomware

Ransomware Retail Libraries Encryption

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. The average ransom payment was $1.2

Ransomware

Ransomware Blockchain Retail Insurance

LockBit group falsely claimed the hack of the Federal Reserve

Security Affairs

JUNE 27, 2024

The analysis of the data leaked by the group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust. Evolve Bank & Trust this week published a notice on its website to confirm the security breach and announced it has launched an investigation into the incident. ” continues the report.

Retail

Retail Ransomware Cybersecurity Compliance

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Luxottica Group S.p.A. Its best known brands are Ray-Ban, Persol, and Oakley. Pierluigi Paganini.

Ransomware

Ransomware IT Retail Manufacturing

Global Scamdemic: Scams Become Number One Online Crime

Security Affairs

JUNE 10, 2021

Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. In 2020, a multi-stage scam called Rabbit Hole targeted companies’ brands, primarily retail and online services. On average, users visited 40,000 fraudulent websites every day.

Phishing

Phishing Retail Insurance Risk

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.”

Retail

Retail Phishing Ransomware Access

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

” reads the analysis published by FireEye. Mandiant researchers highlighted an important with operations conducted by the TA505 cybercrime gang (aka Evil Corp ), which has been active since 2014 focusing on retail and banking sectors. ” reads the analysis. Pierluigi Paganini. SecurityAffairs – hacking, FIN11).

Ransomware

Ransomware IT Healthcare Phishing

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

VF immediately began taking measures to remediate the attack and launched an investigation into the security breach. “Based on VF’s preliminary analysis from its ongoing investigation, VF currently estimates that the threat actor stole personal data of approximately 35.5 million individual consumers.”

Data breaches

Data breaches Passwords Retail Insurance

FIN7 hackers target enterprises with weaponized USB drives via USPS

Security Affairs

MARCH 29, 2020

The packages have been sent to several businesses, including retails , restaurants, hotels. “To start the analysis, we inspected the drive for inscriptions such as serial numbers. ” reads the analysis published by Trustwave. ” continues the analysis. ” concludes Trustwave. Pierluigi Paganini.

Phishing

Phishing Retail Sales Cybersecurity

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

According to industry researchers, TA505 is known to have carried out attacks on banks, medical institutions retailers and other businesses in the past. During the analysis of these samples Group-IB Threat Hunting Intelligence team has identified at least two affected companies from Belgium and Germany. 126 and 37.120.145 [. ]

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Security Affairs

MARCH 30, 2020

” reads the analysis published by CheckPoint. One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page. Out of these registered domains, 4% have been found to contain suspicious characteristics.” Pierluigi Paganini.

Communications

Communications Retail Authentication Government

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . The post Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs appeared first on Security Affairs. Pierluigi Paganini.

Financial Services

Financial Services Retail Education Information Security

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

” states the analysis published by FireEye. The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries. orgs with 3 malware appeared first on Security Affairs.

Manufacturing

Manufacturing Phishing Military Retail

MY TAKE: Can ‘Network Traffic Analysis’ cure the security ills of digital transformation?

The Last Watchdog

AUGUST 29, 2018

If digital transformation, or DX , is to reach its full potential, there must be a security breakthrough that goes beyond legacy defenses to address the myriad new ways threat actors can insinuate themselves into complex digital systems. A cottage industry of tech security vendors is fully behind NTA. Complicated example.

Digital transformation

Digital transformation Security Analytics Access

COVID-19 ‘Breach Bubble’ Waiting to Pop?

Krebs on Security

JUNE 30, 2020

Global lockdowns from COVID-19 have resulted in far fewer fraudsters willing or able to visit retail stores to use their counterfeit cards, and the decreased demand has severely depressed prices in the underground for purloined card data. An ad for a site selling stolen payment card data, circa March 2020.

Sales

Sales Retail Marketing Security

TA505 is expanding its operations

Security Affairs

MAY 29, 2019

The threat group is also known for its recent attack campaign against Bank and Retail business sectors, but the latest evidence indicates a potential expansion of its criminal operation to other industries too. Technical Analysis. During the analysis, we also noticed the “veter 1605 _MAPS_10 cr0.exe” Part of extracted macro.

IT

IT Retail Archiving File names

Grayfly APT uses recently discovered Sidewalk backdoor

Security Affairs

SEPTEMBER 10, 2021

Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. In late August, ESET researchers uncovered the SideWalk backdoor that was employed by the Chine cyberespionage group in an attack aimed at a computer retail company based in the U.S. Pierluigi Paganini.

Retail

Retail Risk Security IT

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. The analysis of the C2 infrastructure revealed that it dates back to 2020.

Retail

Retail Education Communications Government

Threat Report Portugal Q1 2020

Security Affairs

APRIL 20, 2020

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. For more details about this threat, please access the Threat Report: Emotet Triple Chain Analysis 2019 – Portugal. Threats by Sector.

Phishing

Phishing Retail Security awareness Data collection

FBI warns US organizations of ProLock ransomware decryptor not working

Security Affairs

MAY 18, 2020

issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. The PwndLocker ransomware first appeared in the threat landscape by security researchers in late 2019, operators’ demands have ranged from $175,000 to more than $660,000 worth of Bitcoin.

Ransomware

Ransomware Retail Access Security

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. The investigation into the security breach is still ongoing. “We Luxottica Group S.p.A.

Data breaches

Data breaches Retail Ransomware Sales

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

. “Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise, such as retail point-of-sale or industrial control systems.” ” reads the analysis published by Cisco Talos. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Passwords

Passwords IoT Sales Authentication

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

KnowBe4

NOVEMBER 22, 2023

A new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber weaknesses.

Retail

Retail Marketing Risk Security awareness

Russia-Linked TA505 targets financial institutions in a new malspam campaign

Security Affairs

OCTOBER 16, 2021

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. ” reads the analysis published by the experts. Username is equal to admin or administrator. .”

Retail

Retail Ransomware Security IT

Threat Report Portugal: Q2 2021

Security Affairs

JULY 22, 2021

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. For more information about the QakBot trojan check below the full analysis. Phishing and Malware Q2 2021. Malware by Numbers.

Phishing

Phishing Data collection Retail Security awareness

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

AUGUST 16, 2024

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts. Kavzharadze accepted Bitcoin as payment for the credentials.

Sales

Sales Retail Personal data Passwords

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

The last time security experts documented the FIN8’s activities was in 2016 and 2017. At the time, FireEye and root9B published detailed reports about a series of attacks targeting the retail sector. ” reads the analysis published by Morphisec. ” continues the analysis. Pierluigi Paganini.

Phishing

Phishing Retail Communications Security

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. The attacks are targeting a large number of Magento and WooCommerce websites, including large organizations in the food and retail industries.

Retail

Retail IT Security Information Security

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. ” reads the analysis published by Proofpoint. ” reads the analysis published by Proofpoint. Pierluigi Paganini.

IT

IT Financial Services Ransomware Retail

Magecart hackers compromise another 80 eCommerce sites

Security Affairs

AUGUST 28, 2019

Security experts at Aite Group and Arxan Technologies have discovered that hackers under the Magecart umbrella have compromised 80 more eCommerce sites. One out of four of the hacked eCommerce sites were large brands in motorsports and luxury retail. ” reads the analysis published by the experts. .”

Retail

Retail Sales Security Marketing

The stealthy email stealer in the TA505 hacker group’s arsenal

Security Affairs

MAY 16, 2019

In fact, many independent researchers pointed to a particular email attack wave probably related to the known TA505 hacking group , active since 2014 and focusing on Retail and Banking companies. Technical Analysis. The piece of malware under analysis were downloaded from “bullettruth[.com/out[.exe”, Pierluigi Paganini.

Retail

Retail Passwords Communications Phishing

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

Extra security measures have been taken to protect (scientific) data. ” N ow all critical systems at the University are online and offline backups were secured by the company. According to security experts at Fox-IT, the ransomware attack is compatible with other attacks carried out by the TA505 cybercrime gang.

Ransomware

Ransomware Encryption Passwords Retail

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing

Phishing Retail Financial Services Data breaches

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade. Intel 471 says Selivanon also was charged along with Stroganov in this past week’s law enforcement action.

Retail

Retail Insurance Cybersecurity Data breaches

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Analysis: Why Regulators Got Tough With H&M

Webinars

Trending Sources

Analysis: Fat Face's Awkward Breach Notification

Webinars

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Evolve Bank data breach impacted over 7.6 million individuals

Evolve Bank data breach impacted fintech firms Wise and Affirm

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Report: Threat of Emotet and Ryuk

Sugar Ransomware, a new RaaS in the threat landscape

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

LockBit group falsely claimed the hack of the Federal Reserve

Nefilim ransomware gang published Luxottica data on its leak site

Global Scamdemic: Scams Become Number One Online Crime

Russian TA505 threat actor target financial entities worldwide

FIN11 gang started deploying ransomware to monetize its operations

VF Corp December data breach impacts 35 million customers

FIN7 hackers target enterprises with weaponized USB drives via USPS

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

MY TAKE: Can ‘Network Traffic Analysis’ cure the security ills of digital transformation?

COVID-19 ‘Breach Bubble’ Waiting to Pop?

TA505 is expanding its operations

Grayfly APT uses recently discovered Sidewalk backdoor

New Agent Raccoon malware targets the Middle East, Africa and the US

Threat Report Portugal Q1 2020

FBI warns US organizations of ProLock ransomware decryptor not working

2021 data breach exposed data of 70 Million Luxottica customers

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

Russia-Linked TA505 targets financial institutions in a new malspam campaign

Threat Report Portugal: Q2 2021

Russian national sentenced to 40 months for selling stolen data on the dark web

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

A new Magecart campaign hides the malicious code in 404 error page

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Magecart hackers compromise another 80 eCommerce sites

The stealthy email stealer in the TA505 hacker group’s arsenal

Maastricht University finally paid a 30 bitcoin ransom to crooks

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Russians Shut Down Huge Card Fraud Ring

Stay Connected