Security Affairs

MAY 13, 2025

M&S is a major British multinational retailer headquartered in London. The DragonForce group claimed the attack on M&S and Co-op, and told the BBC that they have attempted to hack Harrods. No action is required, but customers should be cautious of potential phishing attempts, as M&S will never request personal account info.

Data breaches 62

Data breaches Cyber Attacks Passwords Social Engineering 62

Security Affairs

OCTOBER 27, 2024

CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812 Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment Internet Archive was breached twice in a month Unknown threat actors exploit Roundcube Webmail flaw (..)

Data breaches 124

Data breaches Healthcare Cybercrime Hacking 124

Zero Day

JUNE 22, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. Information may also be leaked  accidentally  by employees.

Passwords 101

Passwords Data breaches Password Management Accountability 101

Security Affairs

MAY 18, 2025

officials Shields up US retailers. US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. Scattered Spider threat actors can target them U.S.

Data breaches 64

Data breaches Cybercrime Ransomware Cyber Attacks 64

SecureWorld News

JULY 10, 2025

Targeting the weakest links: third parties and open-source Supply chain attackers have learned that it's often easier to hack a trusted supplier than to attack a major enterprise head-on. This IT service partner hasn't enabled multi-factor authentication, or an employee at a supplier who falls for a phishing email.

Manufacturing 70

Manufacturing Software Energy and Utilities Risk 70

Krebs on Security

JULY 10, 2025

Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods , and the British food retailer Co-op Group. KrebsOnSecurity has learned the identities of two of the suspects.

Cybercrime 245

Cybercrime Social Engineering Retail Mobile 245

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages.

Accountability 285

Accountability Scams Passwords Data collection 285

Security Affairs

JULY 14, 2025

Customers of French luxury retailer Louis Vuitton are being notified of a data breach affecting multiple countries, including the UK, South Korea, and Turkey. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, LVMH)

Data breaches 77

Data breaches Retail Ransomware Phishing 77

Zero Day

JUNE 20, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. Information may also be leaked  accidentally  by employees.

Passwords 106

Passwords Data breaches Password Management Identity Theft 106

Security Affairs

APRIL 27, 2025

million patients Crooks exploit the death of Pope Francis WhatsApp introduces Advanced Chat Privacy to protect sensitive communications Android spyware hidden in mapping software targets Russian soldiers Crypto mining campaign targets Docker environments with new evasion technique The popular xrpl.js

Data breaches 66

Data breaches Spyware Malware Phishing 66

Security Affairs

MAY 11, 2025

billion in data privacy settlement Negotiations with the Akira ransomware group: an ill-advised approach Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, newsletter )

Spyware 64

Spyware DDOS Malware Ransomware 64

Krebs on Security

JULY 23, 2018

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. The basic model featured here retails for $20. a mobile device).

Phishing 254

Phishing Authentication Mobile Passwords 254

CyberSecurity Insiders

JULY 30, 2021

Cyber Security firm DarkTrace that uses the technology of Artificial Intelligence to track down cyber threats is nowadays busy protecting the computer network of British Fashion retailer Ted Baker. The post DarkTrace Cyber Protects Fashion retailer Ted Baker appeared first on Cybersecurity Insiders.

Retail 144

Retail Artificial Intelligence Cyber Attacks Cyber threats 144

Graham Cluley

MAY 9, 2024

The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards. Read more in my article on the Tripwire State of Security blog.

Retail 139

Retail Phishing Hacking Data breaches 139

Security Affairs

MARCH 1, 2024

million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been the victim of a phishing attack, crooks stole about 15 million euros ($16.3 Crooks stole €15.5 million in cash, before any potential recovery.

Retail 136

Retail Banking Phishing Cyber Attacks 136

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. TARGETED PHISHING. Earlier this month, customers of the soccer jersey retailer classicfootballshirts.co.uk The targeted phishing message that went out to classicfootballshirts.co.uk customers this month.

Passwords 363

Passwords Phishing Password Management Scams 363

Bleeping Computer

MAY 8, 2024

The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. [.]

Retail 110

Retail Phishing Hacking 110

Krebs on Security

APRIL 18, 2019

The crooks responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro , India’s third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant , new evidence suggests. Image: urlscan.io.

Retail 264

Retail Phishing Antivirus Internet 264

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail 98

Retail Manufacturing Passwords Accountability 98

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing 133

Phishing Adware Retail Malware 133

Krebs on Security

APRIL 17, 2019

Six hours after my story ran saying Wipro was in the throes of responding to a breach, the company was quoted in an Indian daily newspaper acknowledging a phishing incident. I then asked when the company believed the phishing attacks began, and Ballapuram said he could not confirm the approximate start date of the attacks beyond “weeks.”

Data breaches 280

Data breaches Phishing Antivirus Retail 280

CyberSecurity Insiders

MAY 5, 2021

Researchers say that the campaign was launched by a hacking group named UNC2529 that might be connected to the state funded intelligence belonging to an Asian country. The first campaign started in December last year when the hackers sent phishing emails laced with malicious links to over 247 organizations hailing from US and APAC nations.

Phishing 120

Phishing Malware Education Retail 120

The Last Watchdog

FEBRUARY 3, 2021

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks. The SolarWinds hack came to light in mid-December and has since become a red hot topic in the global cybersecurity community. Video: What all companies need to know about the SolarWinds hack. Related: The quickening of cyber warfare.

Phishing 252

Phishing Hacking Accountability Social Engineering 252

SecureWorld News

NOVEMBER 29, 2021

At the same time you may have been browsing through assorted home items, an internal cyber attack plagued the retail company's security team. Malicious hackers used hijacked reply-chain emails to cause disruption through a phishing attack, according to a story broke by Bleeping Computer. This is what is known so far.

Phishing 98

Phishing Retail Cyber Attacks Ransomware 98

Adam Levin

NOVEMBER 17, 2020

It’s worth noting that there’s no reason a legitimate retailer would need that last one — the skeleton key to your identity — to process a purchase.). Shop at reputable and recognizable retailers. If you’re shopping at a retailer that is new to you, research the company’s standing on the Better Business Bureau website.

Scams 243

Scams Retail Banking Passwords 243

SC Magazine

JULY 13, 2021

A Guess retail store. Following news that noted fashion brand Guess suffered a data breach in which personal information may have been stolen, cybersecurity experts on Tuesday said that retailers should take this case as motivation to lock down their cyber defenses. N509FZ, CC BY-SA 4.0 link] , via Wikimedia Commons).

Ransomware 102

Ransomware Retail Hacking Digital transformation 102

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing 102

Phishing Banking Retail Financial Services 102

Security Affairs

DECEMBER 17, 2019

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. “Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a leak in a database belonging to the online retailer LightInTheBox.” Iran, hacking).

Retail 92

Retail InfoSec Data breaches Advertising 92

Security Affairs

MAY 12, 2024

Most of the victims are in the manufacturing, engineering and construction, and retail sectors. Recommendations provided in the report include installing updates promptly, using phishing-resistant multi-factor authentication (MFA), securing remote access software, making backups, and applying mitigations from the #StopRansomware Guide.

Ransomware 143

Ransomware Hacking Healthcare Cybercrime 143

Krebs on Security

AUGUST 12, 2018

” Organized cybercrime gangs that coordinate unlimited attacks typically do so by hacking or phishing their way into a bank or payment card processor. In both cases, the attackers managed to phish someone working at the Blacksburg, Virginia-based small bank.

Banking 240

Banking Accountability Phishing Authentication 240

Adam Levin

JULY 8, 2020

What would happen if you typed in “Amazon,” the corresponding domain popped up, and you clicked, but instead of finding the world’s largest online retailer, you landed on a 1980s WarGames-themed page with a laughing skull? ” Hacking campaigns exploiting poor domain name security can be more subtle.

Hacking 130

Hacking Cyber Insurance Retail Authentication 130

Adam Levin

MARCH 9, 2020

The retailer wasn’t alone. E-skimming is a hack. The code can be added by compromising a website’s server, via a phishing attack, exploiting a known software vulnerability, or luring a developer into using what seems like a legitimate plug-in or module for a website that includes the malicious code. It is cultural.

Retail 234

Retail Software Accountability Cyber threats 234

SecureWorld News

DECEMBER 15, 2022

Security researchers at Checkmarx and Illustria recently discovered a campaign in which a threat actor(s) managed to post over 144,000 phishing packages to popular open source platforms, including NPM, PyPi, and NuGet. The threat actors also used referral IDs to retail websites to benefit from referral rewards.

Phishing 94

Phishing Accountability Hacking Retail 94

Security Affairs

JANUARY 6, 2022

Credential stuffing attacks involve botnets trying stolen login credentials usually obtained through phishing attacks and data breaches. The study conducted by OAG lasted several months during which the experts monitored hacking communities and forums focused on credential stuffing. SecurityAffairs – hacking, credential stuffing).

Accountability 143

Accountability Retail Passwords Data breaches 143

Security Affairs

JUNE 12, 2019

At the time, FireEye and root9B published detailed reports about a series of attacks targeting the retail sector. “It is believed that the malware was deployed as a result of several phishing attempts.” ” Experts believe the attackers launched phishing attacks in the attempt of delivering PoS malware.

Hacking 107

Hacking Malware Advertising Antivirus 107

Security Affairs

AUGUST 14, 2020

The campaigns were classified as either phishing or malware. Phishing and Malware Q2 2020. The results depicted in Figure 1 show that phishing campaigns (84,5%) were more prevalent than malware (15,5%) during Q2 2020. From Figure 2, January presented a total of 15 phishing campaigns, 29 in February and 46 during March.

Threat Reports 145

Threat Reports Phishing Banking Data collection 145

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The campaigns were classified as either phishing or malware. Phishing and Malware Q1 2020. The results depicted in Figure 1 show that phishing campaigns (57,7%) were more prevalent than malware (42,3%) during Q1 2020.

Threat Reports 137

Threat Reports Phishing Banking Malware 137