Groups and Retail - Information Management Today

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores. Pierluigi Paganini.

Retail

Retail Ransomware Encryption IT

Crooks stole €15 Million from European retail company Pepco

Security Affairs

MARCH 1, 2024

million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been the victim of a phishing attack, crooks stole about 15 million euros ($16.3 Crooks stole €15.5 ” reads the press release published by the company.

Retail

Retail Phishing Access IT

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Security Affairs

SEPTEMBER 19, 2018

Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Pierluigi Paganini.

Retail

Retail Computer and Electronics Data breaches Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. Coop is one of the largest retail and grocery providers in Sweden, with approximately 800 stores across the country. The Cactus ransomware group added Coop to the list of victims on its Tor leak site.

Retail

Retail Ransomware Encryption Access

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Security Affairs

AUGUST 13, 2020

Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. A presumably Russian-speaking group conducts thoroughly planned attacks on private companies across numerous industries using a unique toolset. From Russia to Canada.

Cloud

Cloud Phishing Analytics Access

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis. Now the Facebook security team has revealed the real identity of APT32 , linking the group to an IT company in Vietnam named CyberOne Group. .

Agriculture

Agriculture IT Retail Manufacturing

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

S ome operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. Fuel sales at our retail locations continue unhindered.

Ransomware

Ransomware Encryption Retail Sales

LockBit group falsely claimed the hack of the Federal Reserve

Security Affairs

JUNE 27, 2024

The LockBit ransomware group seems to have lied when they announced the hack of the US Federal Reserve. The LockBit ransomware group hasn’t hacked the Federal Reserve as it has recently claimed, the real victim is the Evolve Bank. The group hasn’t published any sample of the stolen data. The real victim is the Evolve Bank.

Retail

Retail Ransomware Cybersecurity Compliance

American retailer Guess discloses data breach after ransomware attack

Security Affairs

JULY 13, 2021

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. On July 9, 2021, the fashion retailer started sending notification letters to the individuals whose information may have been involved. Follow me on Twitter: @securityaffairs and Facebook.

Retail

Retail Data breaches Ransomware Access

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” . “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Authentication

Authentication Retail Passwords Security

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Security Affairs

NOVEMBER 26, 2024

At this time, no known ransomware group claimed responsibility for the attack. Blue Yonder Group , Inc. formerly JDA Software Group) is an American supply chain management company operating as an independent subsidiary of Panasonic. It’s unclear if the attackers have stolen information from the company.

Ransomware

Ransomware Retail Manufacturing Cloud

FIN8 group used a previously undetected Sardonic backdoor in a recent attack

Security Affairs

AUGUST 25, 2021

The group has been active since 2016, it leverages known malware such as PUNCHTRACK and BADHATCH to infect PoS systems and steal payment card data. The activity of the group was spotted in March, after more than a year of apparent inactivity. The group also employed their BADHATCH backdoor. service. . Pierluigi Paganini.

Retail

Retail Insurance Cybersecurity Phishing

New Zealand Fitness Retailer Hit By DragonForce Ransomware

Data Breach Today

JULY 5, 2024

Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount Attacks A ransomware group that uses locker malware based on the leaked LockBit 3.0 ransomware builder compromised New Zealand's leading fitness equipment retailer. The DragonForce ransomware group on Tuesday said on its leak site that it stole 5.31

Retail

Retail Ransomware IT

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. Pierluigi Paganini.

Phishing

Phishing Retail Security IT

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

Hive Ransomware Group Leaks Data From European Retailer

Data Breach Today

DECEMBER 8, 2022

Black Friday Attack Affected Intersport Outlets in Northern France The Hive ransomware-as-a-service group says it posted customer data obtained during a November attack against French sports retailer Intersport.

Retail

Retail Ransomware Government IT

Clop Crime Group Adds 62 Ernst & Young Clients to Leak Sites

Data Breach Today

JULY 11, 2023

Victims Include Airline, Banks, Hospitals, Retailers in Canada The growing list of MOVEit cyberattack victims has grown. Sixty-two 62 clients of Big Four accounting firm Ernst & Young now appear on the Clop ransomware group's data leak sites.

Retail

Retail Ransomware

Lotsy group targets Italian and Spanish-speaking users

Security Affairs

AUGUST 2, 2019

Group-IB discovered massive fraudulent campaigns carried out by Lotsy group involving the use of dozens of well-known brands aimed at Italian and Spanish-speaking customers. Group-IB’s Brand Protection team has detected a total of 114 related fake web-resources involved in the scheme. How does this scheme work?

Retail

Retail Marketing Cybersecurity Phishing

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Encryption Government Retail

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. In November experts observed several campaigns carried out by the TA505 group, in three of them the threat actors delivered the ServHelper malware.

IT

IT Financial Services Ransomware Retail

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. Group-IB , a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has analyzed key recent changes to the global cyberthreat landscape.

IT

IT Military Cybersecurity Phishing

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Security Affairs

OCTOBER 3, 2021

Proofpoint researchers have discovered a new Ursnif baking Trojan campaign carried out by a group tracked as TA544 that is targeting organizations in Italy. The TA544 group leverages phishing and social engineering techniques to lure victims into enabling macro included in weaponized documents. Banca Sella UniCredit Group.

Retail

Retail Phishing Cybersecurity Risk

Hackers Keep Winning by Gambling on SQL Injection Exploits

Data Breach Today

DECEMBER 14, 2023

Gambling and Retail Firms Top Targets of 'GambleForce' Group, Researchers Warn A recently spotted hacking group with a penchant for using open source tools has been using a less-than-novel tactic: exploiting SQL injection flaws.

Retail

Retailer WH Smith discloses data breach after a cyberattack

Security Affairs

MARCH 2, 2023

Retailer WH Smith disclosed a data breach following a cyber attack, threat actors had access to access company data. Retailer WH Smith revealed that threat actors have breached its infrastructure and had access to the data of about 12,500 current and former employees.

Retail

Retail Data breaches Access Ransomware

From St. Louis to France, Ransomware Victim List Expands

Data Breach Today

NOVEMBER 23, 2020

Among the Causes: Hit Against Managed.com Website Hosting Giant Ransomware continues to pummel many types of organizations, recently including South Korea's E-Land retail group, French newspaper Paris-Normandie and a Georgia county school system.

Ransomware

Ransomware Retail

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

After two years of silence, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry employing the ShellTea/PunchBuggy backdoor. At the time, FireEye and root9B published detailed reports about a series of attacks targeting the retail sector. ” reads the analysis published by Morphisec.

Phishing

Phishing Retail Communications Security

LockBit Publishes Data Stolen in London Drugs Attack

Data Breach Today

MAY 24, 2024

Canadian Retail Pharmacy Chain Says It's Reviewing Exposed Data on Gang's Leak Site LockBit has begun to leak on its dark web site files of data the Russian-speaking cybercriminal gang claims to have stolen in an April attack on London Drugs.

Retail

Retail IT

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Security Affairs

DECEMBER 3, 2020

E-Land Retail suffered a ransomware attack, Clop ransomware operators claim to have stolen 2 million credit cards from the company. E-Land Retail is a South Korean conglomerate headquartered in Changjeon-dong Mapo-gu Seoul, South Korea. It has operations worldwide through its subsidiary E-Land World.

Ransomware

Ransomware Retail Encryption Sales

Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy

Weissman's World

FEBRUARY 1, 2023

Today, however, I’d like to speak to retailers, where the opportunities to Do Information Right™ seem markedly… Read More » Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy The post Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy appeared first on Holly Group.

Retail

Retail Security Government Records Management

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

Recent campaigns show t hreat actors behind the Dridex and Locky malware families , the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. XLS or VBA.DOC macros.”

e-Delivery

e-Delivery Insurance Retail Government

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. With retail sales during 2024 set to grow to between $5.23 trillion and $5.28 trillion and $5.28

Retail

Retail Risk Data breaches Sales

MarineMax data breach impacted over 123,000 individuals

Security Affairs

JULY 17, 2024

The world’s largest recreational boat and yacht retailer MarineMax, disclosed a data breach following a cyber attack. The world’s largest recreational boat and yacht retailer MarineMax disclosed a data breach that impacted over 123,000 individuals.

Data breaches

Data breaches Retail Ransomware Insurance

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. The biggest ransom demand detected by Group-IB team has been at $4 million worth of BTC. of victims) and Retail (14.5%). ProLock = Egregor.

Ransomware

Ransomware Retail Encryption Manufacturing

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. The most active group in 2023: LockBit According to the data presented by the Cybernews research team, 66 active ransomware groups were identified and operating within the digital landscape in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Evolve Bank data breach impacted over 7.6 million individuals

Security Affairs

JULY 9, 2024

Despite the announcement, data leaked data from the group belongs to the Arkansas-based financial organization Evolve Bank & Trust. The analysis of the data leaked by the LockBit group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust. reads the notice of Cybersecurity Incident.

Data breaches

Data breaches Retail Cybersecurity Ransomware

New Data Leaks Add to Australia's Data Security Reckoning

Data Breach Today

OCTOBER 18, 2022

MyDeal Data Appears Online, Vinomofo Discloses Breach, Optus Fallout Continues Personal data from MyDeal, a marketplace owned by Australia's Woolworths Group grocery chain, has appeared for sale on a data leak forum.

Retail

Retail Security Personal data Sales

Neiman Marcus discloses data breach, payment card data exposed

Security Affairs

OCTOBER 1, 2021

Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information. The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access to customers’ information, including payment card data.

Data breaches

Data breaches Retail Passwords Access

LockBit 3.0 Claims Attack on Australian Auto Dealer Eagers

Data Breach Today

JANUARY 2, 2024

Eagers Says It Doesn't Know Full Extent of Hack But Has Started Contacting Victims Brisbane-based retail group Eagers Automotive is investigating a cyberattack that disrupted parts of its regional operations and compromised the personal information of some of its customers.

Retail

Retail IT

Evolve Bank data breach impacted fintech firms Wise and Affirm

Security Affairs

JULY 2, 2024

Despite the announcement, data leaked data from the group belongs to the Arkansas-based financial organization Evolve Bank & Trust. The analysis of the data leaked by the LockBit group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust. reads the notice of Cybersecurity Incident.

Data breaches

Data breaches Retail Cybersecurity IT

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Hacker groups under the Magecart umbrella continue to steal payment card data with so-called software skimmers.

Data breaches

Data breaches Retail Cloud Insurance

FIN8 Group Returns, Targeting POS Devices With New Tools

Data Breach Today

JULY 24, 2019

Hackers Create a Backdoor to Steal Card Data, Gigamon Researchers Report FIN8, a hacker group that targeted POS devices in the hospitality and retail sectors, is back on the scene with new malware, including the Badhatch backdoor that's designed to steal payment card data, according to researchers with Gigamon's threat detection unit.

Retail

Passwordless Authentication without Secrets!

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

However, industries reliant on shared devices—such as healthcare, retail, and manufacturing—face unique challenges. Similarly, in retail and manufacturing, delays caused by authentication procedures reduce overall efficiency. These fast-paced environments need a more flexible approach to balance security, speed, and user privacy.

Authentication

Authentication Retail Manufacturing Passwords

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. The researchers analyzed blockchain transactions, they discovered a clear link between Black Basta and the Conti Group. in Germany, and 5.9%

Ransomware

Ransomware Blockchain Retail Insurance

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Crooks stole €15 Million from European retail company Pepco

Webinars

Trending Sources

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Webinars

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Croatia’s largest petrol station chain INA group hit by ransomware attack

LockBit group falsely claimed the hack of the Federal Reserve

American retailer Guess discloses data breach after ransomware attack

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

FIN8 group used a previously undetected Sardonic backdoor in a recent attack

New Zealand Fitness Retailer Hit By DragonForce Ransomware

China-based Fangxiao group behind a long-running phishing campaign

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Hive Ransomware Group Leaks Data From European Retailer

Clop Crime Group Adds 62 Ernst & Young Clients to Leak Sites

Lotsy group targets Italian and Spanish-speaking users

PYSA ransomware gang is the most active group in November

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Group-IB presents its annual report on global threats to stability in cyberspace

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Hackers Keep Winning by Gambling on SQL Injection Exploits

Retailer WH Smith discloses data breach after a cyberattack

From St. Louis to France, Ransomware Victim List Expands

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

LockBit Publishes Data Stolen in London Drugs Attack

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy

TA505 group updates tactics and expands the list of targets

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

MarineMax data breach impacted over 123,000 individuals

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Ransomware attacks break records in 2023: the number of victims rose by 128%

Evolve Bank data breach impacted over 7.6 million individuals

New Data Leaks Add to Australia's Data Security Reckoning

Neiman Marcus discloses data breach, payment card data exposed

LockBit 3.0 Claims Attack on Australian Auto Dealer Eagers

Evolve Bank data breach impacted fintech firms Wise and Affirm

US-based children’s clothing maker Hanna Andersson discloses a data breach

FIN8 Group Returns, Targeting POS Devices With New Tools

Passwordless Authentication without Secrets!

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Stay Connected