SecureWorld News

JUNE 10, 2025

UNFI supplies a vast ecosystem of retailers, including Whole Foods Market, which relies heavily on its distribution network. This breach not only raises concerns about UNFI's internal resilience but also underscores broader risks to food supply chains and retail operations. UNFI also provided a systems update regarding the issue.

Cyber Attacks

SecureWorld News

FEBRUARY 14, 2025

Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day. And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect.

Scams

SecureWorld News

JULY 28, 2025

The threat actors are bypassing traditional endpoint protections by directly attacking the hypervisor layer, utilizing social engineering and identity compromise to hijack administrative access and deploy ransomware from within. While several members were recently arrested in the U.K. ,

Social Engineering

Malwarebytes

FEBRUARY 4, 2025

The same is true for all text-based social engineering tricks, as AI chat tools can write alluring direct messages for romance scams and craft urgent-sounding texts that can fool people into clicking on links that carry malware. That could change in 2025. The truth is that AI is here to stay.

Artificial Intelligence

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. It’s how tap-to-pay machines found in retailers and ATMs work their magic. Got an Android phone? Got a tap-to-pay card?

Malware

Security Affairs

JULY 10, 2025

The cyberattacks on British retailers caused massive disruptions and huge financial losses to the businesses. In early May, the attackers behind the Co-op cyberattack, who go online with the name DragonForce , told the BBC that they had stolen data from the British retail and provided proof of the data breach. continues the report.

Computers and Electronics

Security Affairs

JUNE 29, 2025

House banned WhatsApp on government devices due to security concerns Russia-linked APT28 use Signal chats to target Ukraine official with malware China-linked APT Salt Typhoon targets Canadian Telecom companies U.S.

Data breaches

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. This makes it accessible to a worldwide network of criminals.

Data breaches

Security Affairs

JUNE 23, 2025

In early May, the attackers behind the Co-op cyberattack, who go online with the name DragonForce , told the BBC that they had stolen data from the British retail and provided proof of the data breach. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims.

Retail

SecureList

MARCH 25, 2025

The attackers employed social engineering techniques to trick victims into sharing their financial data or making a payment on a fake page. This should not come as a surprise given Amazon is one of the world’s largest online retailers. We analyzed phishing detections separately for users of our home and business products.

Phishing

Security Affairs

MAY 13, 2025

M&S is a major British multinational retailer headquartered in London. BleepingComputer reported that DragonForce ransomware affiliates usedScattered Spider social engineering tacticsto target Marks and Spencer. The company did not share technical details about the attack.

Data breaches

Security Affairs

OCTOBER 27, 2024

CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812 Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment Internet Archive was breached twice in a month Unknown threat actors exploit Roundcube Webmail flaw (..)

Data breaches

Zero Day

JUNE 22, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions.   Think you've been involved in a data breach?

Passwords

Digital Shadows

NOVEMBER 26, 2024

The proliferation of cybercrime guides on forums and a 7% rise in insider threat content, driven by significant financial incentives, highlight the growing complexity of cybersecurity challenges. It’s realistically possible that the rise in phishing attacks during the current reporting period stems from the time of year.

Cyber Attacks

Krebs on Security

JULY 10, 2025

Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods , and the British food retailer Co-op Group. KrebsOnSecurity has learned the identities of two of the suspects. In November 2024, U.S.

Cybercrime

Zero Day

JUNE 20, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions.   Think you've been involved in a data breach?

Passwords

Krebs on Security

APRIL 30, 2020

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. If that were the case, we’d also expect to see dumps prices fall significantly across the cybercrime economy. ” CONSCIENCE VS. COMMERCE.

Cybercrime

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime

Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Penetration Testing

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground. I will also continue to post on LinkedIn about new stories in 2023.

Cryptocurrency

Security Boulevard

JANUARY 24, 2022

Fom driverless cars, dictation tools, translator apps, predictive analytics and application tracking, as well as retail tools such as smart shelves and carts to apps that help people […]… Read More. The post See No Evil, Hear No Evil: The Use of Deepfakes in Social Engineering Attacks appeared first on The State of Security.

Social Engineering

The Last Watchdog

JULY 13, 2023

The economic impact of cybercrime on business across the globe continues to reach new levels, with the cost predicted to reach US$10.5 The data shows how perceptions around cyber and technology risks, from ransomware and other cyber-attacks to the threats posed by AI, are changing the global business risk landscape.

Cyber Risk

Thales Cloud Protection & Licensing

NOVEMBER 5, 2024

Holiday Shopping Readiness: How is Retail Data Security Holding Up? Retailers have been prepping for this season all year and are ready to provide a safe, secure, and seamless customer shopping experience. According to the National Retail Federation (NFR), retail sales during 2024 will grow between 2.5% trillion and $5.28

Retail

Hot for Security

JUNE 25, 2021

33-year-old Andrii Kolpakov worked for the FIN7 gang (also sometimes known as Carbanak, Navigator Group, or Anunak) which made its fortune targeting retailers, restaurants, and gambling firms in more than 40 countries around the world, stealing tens of millions of payment card details at thousands of business locations. million dollars.

Hacking

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering

Security Boulevard

NOVEMBER 5, 2024

Holiday Shopping Readiness: How is Retail Data Security Holding Up? Retailers have been prepping for this season all year and are ready to provide a safe, secure, and seamless customer shopping experience. According to the National Retail Federation (NFR), retail sales during 2024 will grow between 2.5% trillion and $5.28

Retail

Malwarebytes

OCTOBER 24, 2022

His compromise modus operandi was a combination of breaking into networks run by food retailers, and breaking into networks containing confidential patient records. This could put those people at an increased risk of social engineering or identity theft. That’s quite a peculiar mixture.

Cybercrime

Penetration Testing

MAY 6, 2025

A new report from Mandiant, a Google Cloud company, sheds light on the renewed activity of UNC3944, a The post Scattered Spider (UNC3944) Resurfaces with Ties to DragonForce and RansomHub in Retail Attacks appeared first on Daily CyberSecurity.

Retail

Security Affairs

APRIL 12, 2024

The TA547 group sent emails to the victims impersonating the German retail company Metro, purportedly related to invoices. Like LLM-generated social engineering lures, threat actors may incorporate these resources into an overall campaign.” ” concludes the report.

Malware

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches

SecureWorld News

AUGUST 4, 2022

Most recently, a former T-Mobile retail store owner was convicted for stealing employee credentials to illegally access internal computer systems and unlock and unblock cellphones. Very often he would socially engineer employees at the IT help desk to get their credentials. How was he unlocking these phones?

Mobile

Security Affairs

NOVEMBER 25, 2022

“The users were able to impersonate an infinite number of entities (such as banks, retail companies and government institutions) for financial gain and substantial losses to victims.” ” “As cybercrime knows no borders, effective judicial cooperation across jurisdictions is key in bringing its perpetrators to court.

Cybercrime

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. The combination of advanced anti-fraud technologies and intelligence protects both banking and retail customers. million customers against possible attacks. About Group-IB.

Cryptocurrency

Security Affairs

OCTOBER 3, 2021

The TA544 group leverages phishing and social engineering techniques to lure victims into enabling macro included in weaponized documents. The analysis of the web injects used by the group suggests that the threat actors were also interested in steal credentials for websites associated with major retailers.

Malware

Security Affairs

FEBRUARY 6, 2022

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued a flash alert on Lockbit ransomware operation CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Over 500,000 people were impacted by a ransomware attack that hit Morley Ransomware attack hit Swissport International causing delays (..)

Cryptocurrency

SC Magazine

JUNE 24, 2021

A new blog post report has shone a light on the malicious practice known as voice phishing or vishing – a social engineering tactic that some cyber experts say has only grown in prominence since COVID-19 forced employees to work from home. (Ser Amantio di Nicolao, CC BY-SA 3.0 , via Wikimedia Commons).

Phishing

Security Affairs

AUGUST 13, 2020

Since then, it has conducted 26 targeted attacks on commercial organizations alone, including companies in the fields of construction , finance , consulting , retail , banking , insurance , law ,and travel. The APT group RedCurl, discovered by Group-IB Threat Intelligence experts, has been active since at least 2018.

Phishing