Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Penetration Testing 144

Penetration Testing Retail Social Engineering Cybersecurity 144

Security Affairs

APRIL 25, 2024

Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. It operates stores across Sweden and is responsible for the retail sale of wine, spirits, and strong beer. “It Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware 96

Ransomware Retail Cyber Attacks Backups 96

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 96

Data breaches Phishing Ransomware Malware 96

Krebs on Security

JULY 25, 2023

Malware-based anonymity networks are a major source of unwanted and malicious web traffic directed at online retailers, Internet service providers (ISPs), social networks, email providers and financial institutions. SocksEscort began in 2009 as “ super-socks[.]com SocksEscort began in 2009 as “ super-socks[.]com com, super-socks[.]com,

Malware 197

Malware VPN Internet Internet 197

Security Affairs

OCTOBER 20, 2019

TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. Pierluigi Paganini.

Cybercrime 43

Cybercrime Advertising Retail Banking 43

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. ” reads the analysis published by Anomali.

Cybercrime 115

Cybercrime Retail Phishing Hacking 115

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches 108

Data breaches Hacking Retail Identity Theft 108

Security Affairs

NOVEMBER 12, 2019

The analysis of a malicious email revealed a possible raising interest of the TA505 cybercrime gang in system integrator companies. The infrastructure used in the attacks suggests the involvement of the cybercrime group TA505. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Introduction.

Cybercrime 42

Cybercrime Computers and Electronics Penetration Testing Malware 42

Security Affairs

MARCH 24, 2024

During the month of Ramadan, Resecurity observed a significant increase in fraudulent activities and scams, coinciding with a surge in retail and online transactions. Middle Eastern enterprises, facing this heightened risk, are urged to bolster consumer protection and reinforce their brand security.

Scams 105

Scams Consumer Protection Retail Government 105

Security Affairs

JANUARY 19, 2024

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries.

Ransomware 119

Ransomware Manufacturing Retail Insurance 119

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 105

Social Engineering Spyware Data breaches Surveillance 105

Security Affairs

SEPTEMBER 6, 2022

Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from cybersecurity firm PRODAFT have discovered a previously undocumented software control panel, tracked as TeslaGun, used by a cybercrime group known as TA505.

Cybercrime 93

Cybercrime Banking Malware Retail 93

Security Affairs

OCTOBER 14, 2021

The incident was disclosed after threat actors have advertised the sale of more than 60 GB of data on an underground cybercrime forum. The threat actors shared a link to stolen files and databases, stolen information includes customer data, financial information, login details for Acer retailers and distributors from India.

Computers and Electronics 77

Computers and Electronics Retail Media Cybercrime 77

Security Affairs

OCTOBER 20, 2021

The incident was disclosed after threat actors have advertised the sale of more than 60 GB of data on an underground cybercrime forum. The threat actors now claim to have breached the servers of Acer Taiwan on October 15th and have stolen internal data, including employee and product information.

Data breaches 94

Data breaches Retail Cybercrime Hacking 94

Security Affairs

JANUARY 30, 2024

In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Schneider Electric)

Ransomware 124

Ransomware Hacking Data breaches Digital transformation 124

Security Affairs

JUNE 10, 2021

Group-IB, a global threat hunting and adversarial cyber intelligence company specializing in the investigation and prevention of high-tech cybercrime, has published a comprehensive analysis of fraud cases on a global scale. . Over the past year, an average of over 100 phishing websites were created per insurer.

Scams 94

Scams Banking Retail Insurance 94

Security Affairs

JUNE 11, 2021

The US Department of Justice seized the servers and domains of the popular cybercrime marketplace SlilPP. In the past, law enforcement shut down other cybercrime marketplace focused on the sale of login credentials, such as xDedic and DEER.IO. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 110

Cybercrime Accountability Retail Cyber threats 110

Security Affairs

JANUARY 9, 2019

Early 2014, the high-end retailer confirmed a data breach, the incident happened a few weeks after the clamorous data breach at US giant retailer Target. Security Affairs – settlement, cybercrime ). million settlement with Neiman Marcus appeared first on Security Affairs. billion in the Q4 2013.

Data breaches 57

Data breaches Retail Advertising Cybercrime 57

Security Affairs

MARCH 30, 2023

The most recent version of AlienFox, Version 4, shows a totally different structure, it has added WordPress, Joomla, Drupal, Prestashop, Magento, and Opencart targeting, an Amazon.com retail site account checker. “The AlienFox toolset demonstrates another stage in the evolution of cybercrime in the cloud.” Tool1, Tool2).

Retail 92

Retail Cybercrime Cryptocurrency Malware 92

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 91

Artificial Intelligence Data breaches Scams Insurance 91

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. Upon executing the MSI file, a PowerShell command is launched.

Malware 89

Malware Cybercrime Banking Software 89

Security Affairs

NOVEMBER 25, 2022

“The users were able to impersonate an infinite number of entities (such as banks, retail companies and government institutions) for financial gain and substantial losses to victims.” ” “As cybercrime knows no borders, effective judicial cooperation across jurisdictions is key in bringing its perpetrators to court.

Retail 93

Retail Cybercrime Banking Passwords 93

Security Affairs

APRIL 12, 2024

The TA547 group sent emails to the victims impersonating the German retail company Metro, purportedly related to invoices. In past campaigns, the group used a PowerShell script likely generated by large language model (LLM) such as ChatGPT , Gemini, CoPilot, etc.

Malware 101

Malware Social Engineering Retail Engineering 101

Security Affairs

NOVEMBER 4, 2020

“A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified. Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations.”

Ransomware 109

Ransomware Retail Advertising Malware 109

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 74

Data breaches Spyware Retail Surveillance 74

Security Affairs

NOVEMBER 19, 2022

Other campaigns observed by the experts invited recipients to claim gift cards from popular retailers like Home Depot. In this case, the spam messages include links to fake online survey pages that have nothing to do with the retailer’s gift card.

Scams 142

Scams Retail Password Management Phishing 142

Security Affairs

OCTOBER 23, 2022

Multiple supply chains potentially impacted Bulgaria hit by a cyber attack originating from Russia Interpol arrested 75 members of the cybercrime ring Black Axe 45,654 VMware ESXi servers reached End of Life on Oct.

Data breaches 67

Data breaches Retail Cybercrime Ransomware 67

Security Affairs

FEBRUARY 2, 2022

Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model.

Ransomware 98

Ransomware Retail Malware Cyber threats 98

Security Affairs

AUGUST 20, 2021

. “ The teams remain mobilized, executing the protection and recovery plan, with all their control and security protocols, and working to re-establish all company operations.” The retailer also reported that its main databases were not impacted. . ” reads a statement from the company.

Ransomware 106

Ransomware Retail Cryptocurrency Data breaches 106

Security Affairs

FEBRUARY 10, 2022

Set strict security protocols enabling employees to effectively verify customer credentials before changing their numbers to a new device. Authenticate calls from third party authorized retailers requesting. Authenticate calls from third party authorized retailers requesting. Follow me on Twitter: @securityaffairs and Facebook.

Mobile 92

Mobile Cryptocurrency Authentication Accountability 92

SC Magazine

MAY 1, 2021

Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House. She is also the host of the Mastering Cyber podcast.

Computers and Electronics 126

Computers and Electronics Technology Education Information Security 126

Security Affairs

JANUARY 19, 2024

The incident interrupted retail store inventory replenishment and delayed order fulfillment. VF Corp also added that it has found no evidence that customer passwords were stolen. Following the shutdown of certain systems, VF encountered disruptions in its operations.

Data breaches 112

Data breaches Retail Insurance Passwords 112

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. The investigation into the security breach is still ongoing. “We Luxottica Group S.p.A.

Data breaches 91

Data breaches Retail Hacking Ransomware 91

Security Affairs

NOVEMBER 8, 2021

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Media Markt is a German multinational chain of stores selling consumer electronics with over 1000 stores in Europe.

Computers and Electronics 112

Computers and Electronics Ransomware Retail Spyware 112

Security Affairs

OCTOBER 18, 2020

Mandiant researchers highlighted an important with operations conducted by the TA505 cybercrime gang (aka Evil Corp ), which has been active since 2014 focusing on retail and banking sectors. Experts also reported that the threat actor modified the macros in Office documents used as bait and also added geofencing techniques.

Ransomware 129

Ransomware Malware Telecommunications Advertising 129

Security Affairs

NOVEMBER 11, 2020

Kvashuk is a Ukrainian citizen living in Renton, Washngton, was responsible for helping test Microsoft’s online retail sales platform. The man was involved in the testing of Microsoft’s online retail sales platform and abused testing access to steal “currency stored value” (CSV) such as digital gift cards.

Identity Theft 102

Identity Theft Retail Engineering Software 102

Security Affairs

DECEMBER 5, 2022

“In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries. Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators.

Mobile 101

Mobile Malware Banking Retail 101