Industry, Retail and Security - Information Management Today

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

Retail giant Target open sources Merry Maker e-skimmer detection tool

Security Affairs

FEBRUARY 4, 2022

Retail giant Target is going to open-source an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Retail giant Target announced the release in open-source of an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. ” concludes Target. Pierluigi Paganini.

Retail

Retail Cybersecurity Security IT

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

A cybersecurity issue can cause unexpected costs in several different areas, which is the cost of Dealing with an attack in 4 Industries? The totals also vary by industry. As people have growing opportunities to shop online, the chances for hackers to carry out lucrative cyberattacks in the retail sector also go up. Health Care.

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Security Affairs

NOVEMBER 26, 2024

Since learning of the security breach, the company immediately started incident response procedure with the help of external cybersecurity firms, including CrowdStrike. ” The incident response team is working to recover impacted systems and investigate the security breach.

Ransomware

Ransomware Retail Manufacturing Cloud

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware

Ransomware Digital transformation Encryption Retail

Passwordless Authentication without Secrets!

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

divya Fri, 10/11/2024 - 08:54 As user expectations for secure and seamless access continue to grow, the 2024 Thales Consumer Digital Trust Index (DTI) research revealed that 65% of users feel frustrated with frequent password resets. These fast-paced environments need a more flexible approach to balance security, speed, and user privacy.

Authentication

Authentication Retail Manufacturing Passwords

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. This activity has occurred across multiple industry sectors.

Ransomware

Ransomware Security Retail Manufacturing

Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy

Weissman's World

FEBRUARY 1, 2023

If you’re a regular reader, then you know that my pieces are typically more universal than they are industry-specific – though I have been known to opine in such particular places as local government and oil and gas.

Retail

Retail Security Government Records Management

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. The APT32 also targeted peripheral network security and technology infrastructure corporations, and security firms that may have connections with foreign investors.

Agriculture

Agriculture IT Retail Manufacturing

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Automotive Industry Chinese Organized Crime’s Latest U.S. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware MDM

Information Security and Compliance Through the Prism of Healthcare and Retail

AIIM

FEBRUARY 21, 2018

Organizations must focus strategically on how to manage digital content and understand that: 1) end-users are consuming technology differently; 2) consumer devices are being increasingly used as “on-ramps” to digital workflows; and 3) how you secure the scan and capture process becomes increasingly important. Want to find out more?

Retail

Retail Compliance Information Security Security

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Artificial Intelligence Security Data breaches Ransomware

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries. Previously dominated by the construction industry, the IT sector now claims the top spot in 2023. The data shows a shift in ransomware targets over the past three years.

Ransomware

Ransomware Manufacturing Retail Insurance

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

Security Affairs

APRIL 25, 2024

Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. It operates stores across Sweden and is responsible for the retail sale of wine, spirits, and strong beer. “It Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware

Ransomware Retail Sales Government

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.

Retail

Retail Manufacturing Ransomware Security

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

The Last Watchdog

JULY 7, 2021

The video game industry saw massive growth in 2020; nothing like a global pandemic to drive people to spend more time than ever gaming. The video game industry withstood nearly 11 billion credential stuffing attacks in 2020, a 224 percent spike over 2019. LW: SQL injection persists, accounting for 59% of gaming industry attacks.

Passwords

Passwords Authentication Marketing Access

Security Affairs newsletter Round 245

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs. Gangnam Industrial Style APT campaign targets industrial firms worldwide. Gangnam Industrial Style APT campaign targets industrial firms worldwide. Pierluigi Paganini.

Security

Security Ransomware Passwords Data breaches

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

KnowBe4

NOVEMBER 22, 2023

A new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber weaknesses.

Retail

Retail Marketing Risk Security awareness

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2022

Are Retailers Shopping for a Cybersecurity Breach? Retailers started the century as the prime targets for cyber attackers looking for credit card data. Today, unfortunately, retailers are again coming back to the spotlight. Similar to many organizations, 36% of retail respondents cited human error as the leading threat.

Retail

Retail Cybersecurity Ransomware Authentication

Influencing Change as Security Leader: Communication Is Key

Data Breach Today

MAY 7, 2024

Nordstrom CISO Nicole Darden Ford Shares Her Journey From B2B to B2C Industry From working in B2B industries to now shifting to a B2C industry, Nicole Darden Ford, CISO, Nordstrom, is confident of bringing a fresh perspective to tackling the retail sector's complex cybersecurity and fraud challenges.

B2C

B2C B2B Communications Retail

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . Last year, Agent Tesla was spotted in highly targeted campaigns against the oil and gas industry. Follow me on Twitter: @securityaffairs and Facebook.

Financial Services

Financial Services Retail Education Information Security

Retail in 2019 needs security precautions

Thales Cloud Protection & Licensing

DECEMBER 28, 2018

As the retail industry follows suit with today’s digital transformation, customer expectations are at an all-time high. Retailers are looking to address these demands with interconnected experiences to give customers more personalized and immediate experiences both in-stores and online. The numbers don’t lie.

Retail

Retail Customer Experience Security Data breaches

Toymaker giant Mattel disclosed a ransomware attack

Security Affairs

NOVEMBER 4, 2020

Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. The company filed a 10-Q form with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. Pierluigi Paganini.

Ransomware

Ransomware Retail Encryption IT

Retailers: Credential Harvesting Attacks Are the “Big Thing” This Year for the Holiday Season

KnowBe4

NOVEMBER 21, 2022

New data polled from analysts and members of the retail industry about their security focus is this holiday season reveals the kinds of attacks every organization should be preparing for.

Retail

Retail Security Phishing

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. The post Report: Threat of Emotet and Ryuk appeared first on Security Affairs. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019.

Ransomware

Ransomware Retail Phishing Encryption

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. ” reads the CSA. in Germany, and 5.9%

Ransomware

Ransomware Blockchain Retail Insurance

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation.

Ransomware

Ransomware Data breaches Digital transformation Encryption

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

Some of the flaws could be exploited to execute arbitrary code, modify passwords, and change system settings, Sierra Wireless AirLink gateways and routers are widely used in enterprise environments to connect industrial equipment, smart devices, sensors, point-of-sale (PoS) systems, and Industrial Control systems (ICSs).

Passwords

Passwords IoT Sales Authentication

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

.” At the time of the report, although Mandiant has no evidence about the purposes of the attacks, the broad targeting across multiple industries and the choosing of targets of a global scale, suggests that the attackers could be financially motivated. orgs with 3 malware appeared first on Security Affairs. Pierluigi Paganini.

Manufacturing

Manufacturing Phishing Military Retail

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.” Pierluigi Paganini.

Retail

Retail Phishing Ransomware Access

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Bleeping Computer, citing a source in the cybersecurity industry, confirmed that Steelcase suffered a Ryuk ransomware attack.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

FIN8 group used a previously undetected Sardonic backdoor in a recent attack

Security Affairs

AUGUST 25, 2021

The group focuses on organizations in the insurance, retail, technology, and chemical industries in the U.S., Tune the e-mail security solution to automatically discard malicious or suspicious attachments. Integrate threat intelligence into existing SIEM or security controls for relevant Indicators of Compromise.

Retail

Retail Insurance Cybersecurity Phishing

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

This ransomware strain emerged in September 2020, but the threat actors behind already managed to lock quite big companies, such as game developers Crytek, booksellers Barnes & Noble, and most recently a retail giant Cencosud from Chile. of victims) and Retail (14.5%). ProLock = Egregor. Inside Egregor. Pierluigi Paganini.

Ransomware

Ransomware Retail Encryption Manufacturing

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. An industry leader in multiple U.S. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors. Pierluigi Paganini.

Ransomware

Ransomware Retail Manufacturing Encryption

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.

Ransomware

Ransomware IT Retail Manufacturing

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

After two years of silence, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry employing the ShellTea/PunchBuggy backdoor. The last time security experts documented the FIN8’s activities was in 2016 and 2017. ” reads the analysis published by Morphisec. ” continues the analysis.

Phishing

Phishing Retail Communications Security

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Krebs on Security

NOVEMBER 26, 2019

Two financial industry sources who track payment card fraud and asked to remain anonymous for this story said the four million cards were taken in breaches recently disclosed by restaurant chains Krystal , Moe’s , McAlister’s Deli and Schlotzsky’s. percent worldwide.

Sales

Sales Marketing Retail Security

Account Takeover Fraud Declines in Financial Services

Data Breach Today

JULY 30, 2024

Tighter Security Controls Help Stop Fraud, But Fake IDs and Web Scraping Are Rising Account takeover fraud in the financial services industry is declining in contrast with other industries such as retail and hospitality.

Financial Services

Financial Services Retail Authentication Cybersecurity

GUEST ESSAY: Here’s why penetration testing has become a ‘must-have’ security practice

The Last Watchdog

FEBRUARY 24, 2022

Now, let me give you a few reasons, why pen testing has emerged as a “must-have” security practice. For example, your website security may prove strong, applications not so much. A pen test can inform and help clarify security policies and strategies. These can be applications, IoT, Networks, API etc.

Security

Security Compliance Retail Risk

FBI warns US organizations of ProLock ransomware decryptor not working

Security Affairs

MAY 18, 2020

issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. ” In March, threat actors behind PwndLocker changed the name of their malware to ProLock, immediately after security firm Emsisoft released a free decryptor tool.

Ransomware

Ransomware Retail Access Security

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is being used in attacks against organizations in the Middle East, Africa, and the U.S.

Retail

Retail Education Communications Government

21 Million stolen credentials from Fortune 500 companies available on the dark web

Security Affairs

OCTOBER 31, 2019

” The following table shows stolen credentials per industry: Most of the login credentials (95%) include plaintext passwords, 76% of them were compromised during the last 12 months. “With some persistence, they easily break-in being unnoticed by security systems and grab what they want. Pierluigi Paganini.

Passwords

Passwords Sales Retail Marketing

Hunton Publishes 2020 Retail Industry Year in Review

Hunton Privacy

FEBRUARY 2, 2021

This is an extraordinary and unprecedented time for the retail industry. Hunton Andrews Kurth’s 2020 Retail Industry Year in Review provides an in-depth analysis of the issues and challenges that retailers faced in the past year, and a look ahead at what they can expect in 2021.

Retail

Retail Privacy Cybersecurity Information Security

Volvo retailer leaks sensitive files

Retail giant Target open sources Merry Maker e-skimmer detection tool

Webinars

Trending Sources

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Webinars

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Passwordless Authentication without Secrets!

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Retailers Take Note: Use Infogov to Reduce Fraud, Boost Security, Ensure Accuracy

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Information Security and Compliance Through the Prism of Healthcare and Retail

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Ransomware attacks break records in 2023: the number of victims rose by 128%

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

Hackers hit Luxottica, production stopped at two Italian plants

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

Security Affairs newsletter Round 245

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

Are Retailers Shopping for a Cybersecurity Breach?

Influencing Change as Security Leader: Communication Is Key

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Retail in 2019 needs security precautions

Toymaker giant Mattel disclosed a ransomware attack

Retailers: Credential Harvesting Attacks Are the “Big Thing” This Year for the Holiday Season

Report: Threat of Emotet and Ryuk

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Cactus ransomware gang claims the Schneider Electric hack

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Russian TA505 threat actor target financial entities worldwide

Steelcase office furniture giant hit by Ryuk ransomware attack

FIN8 group used a previously undetected Sardonic backdoor in a recent attack

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Nefilim ransomware gang published Luxottica data on its leak site

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Account Takeover Fraud Declines in Financial Services

GUEST ESSAY: Here’s why penetration testing has become a ‘must-have’ security practice

FBI warns US organizations of ProLock ransomware decryptor not working

New Agent Raccoon malware targets the Middle East, Africa and the US

21 Million stolen credentials from Fortune 500 companies available on the dark web

Hunton Publishes 2020 Retail Industry Year in Review

Stay Connected