Security Affairs

FEBRUARY 2, 2022

Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model.

Ransomware 97

Ransomware Retail Malware Cyber threats 97

Security Affairs

NOVEMBER 8, 2021

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Bleeping Computer, citing screenshots posted on Twitter, reported that 3,100 servers were infected with the ransomware. The Hive ransomware adds the.hive extension to the filename of encrypted files.

Computers and Electronics 113

Computers and Electronics Ransomware Retail Spyware 113

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye.

Ransomware 131

Ransomware Malware Telecommunications Advertising 131

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. ” reads the 10-Q form.

Ransomware 110

Ransomware Retail Advertising Malware 110

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. ” reads the Elliptic’s report.

Ransomware 85

Ransomware Retail Malware Insurance 85

Security Affairs

AUGUST 20, 2021

Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure. SecurityAffairs – hacking, ransomware).

Ransomware 107

Ransomware Retail Cryptocurrency Data breaches 107

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 97

Data breaches Phishing Ransomware Malware 97

Security Affairs

OCTOBER 20, 2020

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Luxottica Group S.p.A. ” explained Odysseus. Pierluigi Paganini.

Ransomware 138

Ransomware Cyber Attacks Advertising Retail 138

Security Affairs

JUNE 16, 2023

British multinational oil and gas company Shell has confirmed that it has suffered a ransomware attack conducted by the Clop group. The Clop ransomware gang claims to have hacked hundreds of companies by exploiting the above issue. Our IT teams are investigating to understand and manage any risks, and take appropriate action, she said.

Ransomware 89

Ransomware Data breaches Penetration Testing Government 89

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. Pierluigi Paganini.

Ransomware 85

Ransomware Telecommunications Banking Advertising 85

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches 109

Data breaches Hacking Retail Identity Theft 109

Security Affairs

JUNE 7, 2023

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. ” reads the message published by the gang.

Hacking 76

Hacking Ransomware Retail Cyber Attacks 76

Security Affairs

JUNE 9, 2023

Researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. reads the message published by the gang.

Ransomware 78

Ransomware Hacking Retail Internet 78

Security Affairs

SEPTEMBER 3, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US

Social Engineering 105

Social Engineering Spyware Data breaches Surveillance 105

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 91

Artificial Intelligence Data breaches Scams Insurance 91

Security Affairs

OCTOBER 20, 2019

TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. Pierluigi Paganini.

Cybercrime 43

Cybercrime Advertising Retail Banking 43

Security Affairs

JULY 15, 2019

Some of the crooks behind the Dridex Trojan have split from the gang and released a forked version of the BitPaymer ransomware dubbed DoppelPaymer. Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. ” reads the analysis published by CrowdStrike.

Ransomware 73

Ransomware Encryption Advertising Malware 73

Security Affairs

OCTOBER 23, 2022

Multiple supply chains potentially impacted Bulgaria hit by a cyber attack originating from Russia Interpol arrested 75 members of the cybercrime ring Black Axe 45,654 VMware ESXi servers reached End of Life on Oct. The post Security Affairs newsletter Round 390 appeared first on Security Affairs. Pierluigi Paganini.

Data breaches 65

Data breaches Retail Ransomware Cybercrime 65

Security Affairs

NOVEMBER 12, 2019

The analysis of a malicious email revealed a possible raising interest of the TA505 cybercrime gang in system integrator companies. The used infrastructure, by analyzing the dropping urls, looks like an old infrastructure used for propagating Ransomware. I am a computer security scientist with an intensive hacking background.

Cybercrime 42

Cybercrime Computers and Electronics Penetration Testing Malware 42

Security Affairs

OCTOBER 14, 2021

The incident was disclosed after threat actors have advertised the sale of more than 60 GB of data on an underground cybercrime forum. The threat actors shared a link to stolen files and databases, stolen information includes customer data, financial information, login details for Acer retailers and distributors from India.

Computers and Electronics 76

Computers and Electronics Retail Media Cybercrime 76

Security Affairs

OCTOBER 20, 2021

The incident was disclosed after threat actors have advertised the sale of more than 60 GB of data on an underground cybercrime forum. The threat actors now claim to have breached the servers of Acer Taiwan on October 15th and have stolen internal data, including employee and product information.

Data breaches 96

Data breaches Retail Cybercrime Hacking 96

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack. More and More Ransomware Attacks. How not to disclosure a Hack.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

SEPTEMBER 6, 2022

Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from cybersecurity firm PRODAFT have discovered a previously undocumented software control panel, tracked as TeslaGun, used by a cybercrime group known as TA505.

Cybercrime 91

Cybercrime Banking Malware Retail 91

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. The investigation into the security breach is still ongoing. “We Luxottica Group S.p.A.

Data breaches 89

Data breaches Retail Hacking Ransomware 89

Security Affairs

MARCH 4, 2023

FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0

Spyware 83

Spyware Data breaches Retail Ransomware 83

Security Affairs

JANUARY 19, 2024

In December 2023, VF Corp announced it was the victim of a ransomware attack and was forced to take some systems down to contain the threat. Now the company confirmed attackers stole corporate and personal information impacting 35.5 The incident interrupted retail store inventory replenishment and delayed order fulfillment.

Data breaches 113

Data breaches Retail Insurance Passwords 113

Security Affairs

JUNE 13, 2023

UK communications regulator Ofcom suffered a data breach after a Clop ransomware attack exploiting the MOVEit file transfer zero-day. UK’s communications regulator Ofcom disclosed a data breach after a Clop ransomware attack.

Hacking 68

Hacking Data breaches Ransomware Retail 68

Security Affairs

NOVEMBER 19, 2022

Other campaigns observed by the experts invited recipients to claim gift cards from popular retailers like Home Depot. In this case, the spam messages include links to fake online survey pages that have nothing to do with the retailer’s gift card. The experts also published a guide for a secure holiday shopping.

Scams 141

Scams Retail Password Management Phishing 141

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 72

Data breaches Spyware Retail Surveillance 72

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. ” reads the report published by Elastic Security Labs.

Malware 87

Malware Cybercrime Banking Software 87

Security Affairs

FEBRUARY 9, 2020

In December, Maastricht University was hit with ransomware attack, now the university admitted to have paid the ransom requested by crooks. In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23.

Ransomware 107

Ransomware Cyber Attacks Architecture Backups 107

Security Affairs

NOVEMBER 21, 2021

The Conti ransomware group has suffered a data breach that exposed its attack infrastructure and allowed researcher to access it. Researchers at security firm Prodaft were able to identify the real IP address of one of the servers used by the Conti ransomware group and access the console for more than a month.

Ransomware 82

Ransomware Retail Data breaches Hacking 82

Security Affairs

FEBRUARY 6, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

Social Engineering 78

Social Engineering Cryptocurrency Small Business Ransomware 78

Security Affairs

JANUARY 5, 2020

Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. Synoptek, a California-based provider of IT management and cloud hosting services paid the ransom to decrypt its files following a Sodinokibi ransomware attack.

Ransomware 65

Ransomware Financial Services Retail Advertising 65

Security Affairs

NOVEMBER 14, 2021

The post Security Affairs newsletter Round 340 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

DECEMBER 12, 2019

The group was very active bank frauds , ransomware and malware campaigns, and cryptojacking attacks. ” Security experts at Cybereason published an analysis that corroborates the SentinelOne’s attribution, but they didn’t observe the use of the Anchor framework by the Lazarus Group. .”

Cybercrime 62

Cybercrime Malware Hacking Advertising 62

Security Affairs

JANUARY 22, 2023

The Irish DPC fined WhatsApp €5.5M

Data breaches 90

Data breaches Retail Malware VPN 90