Information Security, Malware and Retail

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores. Pierluigi Paganini.

Retail

Retail Ransomware Media Malware

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

Retail giant Home Depot has agreed to a $17.5 The US largest home improvement retailer giant Home Depot agrees to $17.5 According to the US retailer the payment card information of approximately 40 million Home Depot consumers nationwide. Online customers were not impacted by the security breach. ” . .

Retail

Retail Data breaches Penetration Testing Password Management

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

APRIL 12, 2024

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. The security firm pointed out that this is the first TA547 group to use this malware family. The experts also discovered the attempts of using LLM in malware campaigns.

Malware

Malware Social Engineering Retail Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Montenegro is the Victim of a Cyberattack

Schneier on Security

SEPTEMBER 2, 2022

Government officials in the country of just over 600,000 people said certain government services remained temporarily disabled for security reasons and that the data of citizens and businesses were not endangered. Polovic said some retail tax collection was affected.

Retail

Retail Government Ransomware Information Security

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

Security Affairs

JANUARY 15, 2023

The Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed Magecart attack. Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed a Magecart attack on January 10, 2023. Pierluigi Paganini.

Retail

Retail Mobile Passwords Hacking

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware

Malware DNS Retail Education

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

Retailer WH Smith discloses data breach after a cyberattack

Security Affairs

MARCH 2, 2023

Retailer WH Smith disclosed a data breach following a cyber attack, threat actors had access to access company data. Retailer WH Smith revealed that threat actors have breached its infrastructure and had access to the data of about 12,500 current and former employees.

Retail

Retail Data breaches Cyber Attacks Hacking

American retailer Guess discloses data breach after ransomware attack

Security Affairs

JULY 13, 2021

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. The company told BleepingComputer that threat actors had no access to customer payment card information and that the security breach did not have a material impact on operations or financial results.

Retail

Retail Data breaches Ransomware Identity Theft

Retail giant Target open sources Merry Maker e-skimmer detection tool

Security Affairs

FEBRUARY 4, 2022

Retail giant Target is going to open-source an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Retail giant Target announced the release in open-source of an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Retail

Retail Cybersecurity Hacking Software

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .” The post German laptop retailer fined €10.4m

Retail

Retail Surveillance Hacking Information Security

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Security Affairs

DECEMBER 5, 2022

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries.

Mobile

Mobile Malware Banking Retail

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware

Malware Cybercrime Banking Software

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance

Surveillance Malware Authentication DNS

Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree

Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. More details on how the malware operated can be read about in this technical paper by Bitdefender Labs. Gorman of the Western District of Washington. ”

Penetration Testing

Penetration Testing Retail Social Engineering Cybersecurity

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Security Affairs

DECEMBER 3, 2020

E-Land Retail suffered a ransomware attack, Clop ransomware operators claim to have stolen 2 million credit cards from the company. E-Land Retail is a South Korean conglomerate headquartered in Changjeon-dong Mapo-gu Seoul, South Korea. SecurityAffairs – hacking, malware). Credit cards CVV code is not included in Track 2 data.

Ransomware

Ransomware Retail Encryption Malware

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. ” reads the analysis published by Proofpoint. Banca Sella UniCredit Group. ” concludes the report.

Malware

Malware Banking Social Engineering Retail

Sugar Ransomware, a new RaaS in the threat landscape

Security Affairs

FEBRUARY 2, 2022

Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model.

Ransomware

Ransomware Retail Malware Cyber threats

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

Security Affairs

APRIL 25, 2024

Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. It operates stores across Sweden and is responsible for the retail sale of wine, spirits, and strong beer. “It Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware

Ransomware Retail Cyber Attacks Backups

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Security Affairs

MARCH 30, 2020

com to deliver malware. One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page. The post Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware appeared first on Security Affairs.

Malware

Malware Advertising Retail Architecture

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government

Government Malware Computers and Electronics Advertising

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

Once the malware has escalated the privileges on a machine, the threat actors use a batch script to uninstall popular antivirus solutions installed on the machine. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Ransomware

Ransomware Hacking Data breaches Digital transformation

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Most of the victims are in the manufacturing, engineering and construction, and retail sectors. Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to the gang behind the Qakbot malware. 61,9% of the victims are in the US, 15.8% in Germany, and 5.9%

Ransomware

Ransomware Hacking Healthcare Retail

Lumber Liquidators hit by malware attack that took down its network

Security Affairs

AUGUST 29, 2019

Lumber Liquidators, a leading specialty retailer of hard-surface flooring in North America, announced that a malware attack took down its network. North American hard-surface flooring retailer Lumber Liquidators revealed that it was victim of a security incident, a malware-based attack took down part of its network for nearly a week.

Malware

Malware Retail Advertising Mobile

Nodersok malware delivery campaign relies on advanced techniques

Security Affairs

SEPTEMBER 28, 2019

Microsoft researchers observed a campaign delivering malware, dubbed Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft experts observed a malware campaign, tracked as Nodersok, relying on advanced techniques and elusive network infrastructure. Pierluigi Paganini.

Malware

Malware Advertising Retail Healthcare

UScellular data breach: attackers ported customer phone numbers

Security Affairs

JANUARY 30, 2021

The company detected the security breach on January 6, 2021, and determined that the intrusion took place early this year, on January 4th, 2021. Then threat actors tricked UScellular employees working in retail stores into downloading and installing malicious software. ” reads the USCellular data breach notification.

Data breaches

Data breaches Wireless Retail Accountability

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware. APT32 also carried out watering hole attacks through compromised websites or their own sites.

Retail

Retail Malware Mobile Accountability

The Hidden Costs of an Information Security Breach

NopSec

SEPTEMBER 14, 2014

No industry is immune to IT security breaches and it seems that retailers have been in the spotlight of late. It will be interesting to see if courts decide whether the retailer was vigilant enough in protecting against known security vulnerabilities and allowing a significant breach to go on for multiple months undetected.

Information Security

Information Security Retail Cyber Attacks Data breaches

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Agent Tesla , first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from its operators’ targets. SecurityAffairs – hacking, malware).

Cyber threats

Cyber threats Engineering Financial Services Malware

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Human Security identified a supply chain of a Chinese manufacturer that was compromised to backdoor the firmware of several products delivered to resellers, physical retail stores and e-commerce warehouses. “Unfortunately, BADBOX-infected devices are unsalvageable by an average user. ” concludes the report.

Firmware

Firmware Mobile Malware Retail

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

Once the malware has escalated the privileges on a machine, the threat actors use a batch script to uninstall popular antivirus solutions installed on the machine. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Ransomware

Ransomware Digital transformation Retail Antivirus

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

Once the malware has escalated the privileges on a machine, the threat actors use a batch script to uninstall popular antivirus solutions installed on the machine. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Security Affairs newsletter Round 403 by Pierluigi Paganini

Security Affairs

JANUARY 22, 2023

PoC Exploit for CVE-2022-47966 will be released soon Fortinet observed three rogue PyPI packages spreading malware Managing Asset Risks During Healthcare M&As Avast researchers released a free BianLian ransomware decryptor for some variants of the malware Experts spotted a backdoor that borrows code from CIA’s Hive malware T95 Android TV Box sold (..)

Data breaches

Data breaches Retail Malware VPN

Threat Report Portugal: Q4 2020

Security Affairs

JANUARY 26, 2021

Threat Report Portugal Q4 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The submissions were classified as either phishing or malware. Phishing and Malware Q4 2020. A new piece of malware was also tracked and analyzed during Q3 and active in Q4 – trojan URSA/mispadu.

Threat Reports

Threat Reports Phishing Malware Banking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Pierluigi Paganini.

Malware

Malware Security Intelligence Banking Phishing

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

.” Most of the victims are in the manufacturing, engineering and construction, and retail sectors. Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to gang behind the Qakbot malware. The malware spreads via malspam campaigns, it inserts replies in active email threads.

Ransomware

Ransomware Retail Malware Insurance

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

The campaigns were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Phishing and Malware Q2 2020. Malware by Numbers.

Threat Reports

Threat Reports Phishing Banking Malware

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

JANUARY 6, 2023

Census Bureau’s latest  Annual Retail Trade Survey  reports e-commerce expenditures rose from $571.2 Test security of systems and networks regularly. Support information security within organizational policies and programs. In fact, the U.S. billion in 2019 to $815.4 billion in 2020, a 43% increase.

Antivirus

Antivirus Retail Software Accountability

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. For more information about the Qakbot TTPs check below the full analysis.

Threat Reports

Threat Reports Phishing Malware Banking

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

This Is What Will Change When You Sign On Growing use of AI in cybersecurity reveals new possibilities Are Software Updates Useless Against Advanced Persistent Threats?

Social Engineering

Social Engineering Spyware Data breaches Surveillance

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization.

Data breaches

Data breaches Retail Identity Theft Advertising

Threat Report Portugal: Q2 2021

Security Affairs

JULY 22, 2021

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Phishing and Malware Q2 2021. Malware by Numbers.

Threat Reports

Threat Reports Phishing Malware Banking

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches

Data breaches Phishing Ransomware Malware

Threat Report Portugal: Q4 2021

Security Affairs

FEBRUARY 20, 2022

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. Phishing and Malware Q4 2021. Malware by Numbers. in Q3 2021.

Threat Reports

Threat Reports Phishing Banking Malware

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Webinars

Trending Sources

TA547 targets German organizations with Rhadamanthys malware

Webinars

Montenegro is the Victim of a Cyberattack

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

New Agent Raccoon malware targets the Middle East, Africa and the US

Who and What is Behind the Malware Proxy Service SocksEscort?

Retailer WH Smith discloses data breach after a cyberattack

American retailer Guess discloses data breach after ransomware attack

Retail giant Target open sources Merry Maker e-skimmer detection tool

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

New Lobshot hVNC malware spreads via Google ads

European firm DSIRF behind the attacks with Subzero surveillance malware

Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Sugar Ransomware, a new RaaS in the threat landscape

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Croatia government agencies targeted with news SilentTrinity malware

Cactus ransomware gang claims the Schneider Electric hack

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Lumber Liquidators hit by malware attack that took down its network

Nodersok malware delivery campaign relies on advanced techniques

UScellular data breach: attackers ported customer phone numbers

Facebook links cyberespionage group APT32 to Vietnamese IT firm

The Hidden Costs of an Information Security Breach

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Android devices shipped with backdoored firmware as part of the BADBOX network

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs newsletter Round 403 by Pierluigi Paganini

Threat Report Portugal: Q4 2020

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Threat Report Portugal: Q2 2020

The Five-Step PCI DSS 4.0 Transition Checklist

Threat Report Portugal: Q3 & Q4 2022

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Staples discloses data breach exposing customer order data

Threat Report Portugal: Q2 2021

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Threat Report Portugal: Q4 2021

Stay Connected