2009, Information Security and Phishing

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. According to the Google Threat Horizons report, the state-sponsored hackers sent fake job offers to employees at the security companies. . ” reads the Google Threat Horizons report.

Malware

Malware Phishing Antivirus Hacking

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Security Affairs

MAY 13, 2023

The leaked information included names, phone numbers, emails, private communication via SMS messages, passwords, and employees’ credentials. Founded in 2009, the company provides luggage and passenger transportation services on many popular hiking routes, including the famous Santiago de Compostela pilgrimage trail.

Passwords

Passwords Identity Theft Scams Social Engineering

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. “Potential victims should also be on the lookout for targeted phishing and other scams. ” continues the experts.

Identity Theft

Identity Theft Scams Advertising Risk

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

Number of data leaks from medical organizations, 2009–2020. Let’s see if there are any informational security issues with these wearables. From June to December of 2021, we found more than 150,000 phishing attacks that used the medical theme. The HIPAA Journal , which is focused on leaks in the U.S.

Phishing

Phishing Healthcare IoT Authentication

An ongoing Qbot campaign targeted customers of tens of US banks

Security Affairs

JUNE 18, 2020

Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot , aka Qakbot , is a data stealer worm with backdoor capabilities that was first detected by Symantec back in 2009. The campaign targets 36 different U.S.

Banking

Banking Malware Advertising Financial Services

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The wAgent backdoor allows the attackers to executed various shell commands to gather information from the infected device.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Security Affairs

APRIL 20, 2021

BMP) image files in a recent spear-phishing campaign targeting entities in South Korea. . Experts from Malwarebytes have uncovered a spear-phishing attack conducted by a North Korea-linked Lazarus APT group that obfuscated a malicious code within a bitmap (.BMP) North Korea-linked Lazarus APT group is abusing bitmap (.BMP)

Phishing

Phishing Hacking Cryptocurrency Encryption

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Security Affairs

JANUARY 27, 2022

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Hacking Phishing Ransomware

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

Watch out for incoming spam emails, unsolicited texts, and phishing messages. An example of leaked passwords included in the RockYou2021 compilation: With a collection that exceeds its 12-year-old namesake by more than 262 times, this leak is comparable to the Compilation of Many Breaches (COMB) , the largest data breach compilation ever.

Passwords

Passwords Data breaches Accountability Password Management

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. In August, F-Secure Labs experts observed a spear-phishing campaign targeting an organization in the cryptocurrency industry.

Malware

Malware Software Cryptocurrency Financial Services

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

The attack chain starts with COVID19-themed spear-phishing messages that contain either a malicious Word attachment or a link to one hosted on company servers. . The experts discovered the custom backdoor while investigating an incident, it was used by attackers for lateral movements and data exfiltration.

Malware

Malware Cryptocurrency Password Management Encryption

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Security Affairs

MARCH 24, 2021

User information on online trading platforms should be well secured to prevent similar data leaks. Founded in 2009, FBS is an international online forex broker with more than 400,000 partners and 16 million traders spanning over 190 countries. Scams, Phishing and Malware. Who is FBS.

Passwords

Passwords Accountability Media Identity Theft

APT10 is back with two new loaders and new versions of known payloads

Security Affairs

MAY 27, 2019

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Advertising

Advertising Malware Government Hacking

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

JULY 31, 2020

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Cyber Attacks

Cyber Attacks Hacking Advertising Government

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. ” continues the report.

Identity Theft

Identity Theft Hacking System Administration Advertising

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware

Ransomware Passwords Scams Government

IRISSCON 2022 roundup: a new hope

BH Consulting

NOVEMBER 15, 2022

Georgia Bafoutsou of ENISA, the EU’s information security agency, called on those attending to amplify messages about security awareness. Using humour to deliver a serious message, she said social engineering tests done badly can foster a “toxic” security culture. Making security easy: the UX challenge.

Social Engineering

Social Engineering Insurance CISO Ransomware

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.

Encryption

Encryption Government Advertising Cyber Attacks

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.

Encryption

Encryption Passwords Malware Software

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Read more: Top IT Asset Management Tools for Security.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Kroger reaches $5M settlement with breach victims, as Supreme Court defines ‘actual harm’

SC Magazine

JULY 8, 2021

Specifically, companies should be incentivized to invest more in information security through such tactics as tax breaks, while government and regulators should focus on greater access to tools and education, and eliminating the financial motives of the threat actors. “However, the stick approach will not move the needle.

Data breaches

Data breaches Insurance Risk Ransomware

Cyber Security Informer

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Trending Sources

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Experts found 20 Million tax records for Russian citizens exposed online

Telehealth: A New Frontier in Medicine—and Security

An ongoing Qbot campaign targeted customers of tens of US banks

North Korea-linked Lazarus APT targets the COVID-19 research

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Billions of FBS Records Exposed in Online Trading Broker Data Leak

APT10 is back with two new loaders and new versions of known payloads

EU has imposed sanctions on foreign actors for the first time ever

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Cyber Security Roundup for May 2021

IRISSCON 2022 roundup: a new hope

Platinum APT and leverages steganography to hide C2 communications

The Platinum APT group adds the Titanium backdoor to its arsenal

Top Cybersecurity Accounts to Follow on Twitter

Kroger reaches $5M settlement with breach victims, as Supreme Court defines ‘actual harm’

Stay Connected