FIN7 – Page 6 – WindowsTechs.com

Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web

Posted on April 2, 2018 by Carolina

By Carolina
Apparently, FIN7 hackers are behind the breach – The same
This is a post from HackRead.com Read the original post: Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web
Continue reading Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web→

FIN7 Spear Phishing Attacks Now Aim At Avoiding Detection

Posted on October 24, 2017 by Uzair Amir

By Uzair Amir
The FIN7 hacking group has been targeting organizations from the
This is a post from HackRead.com Read the original post: FIN7 Spear Phishing Attacks Now Aim At Avoiding Detection
Continue reading FIN7 Spear Phishing Attacks Now Aim At Avoiding Detection→

Fin7 weaponization of DDE is just their latest slick move, say researchers

Posted on October 16, 2017 by Shaun Waterman

When cybercrime gang FIN7 weaponized a new attack vector against Microsoft applications within a day of it being published last week, it was just the latest slick move from a threat group who’ve been consistently one step ahead of cyber defenders. A timeline of different attack vectors used by the group compiled by Morphisec researchers shows that FIN7 typically adopts a new technique within “a couple of days” of an attack being discovered, once the number of security solutions that detect it gets into double figures. The Morphisec researchers analyzed scoring of FIN7 attachment lures by VirusTotal — a service that scans files and tests them against 56 kinds of security software. “A look at Virus Total scoring reveals that when a FIN7 campaign is first active, is goes mostly undetected by security solutions. The malicious documents do not score more than 1-3 detections. Within a couple of days, security solutions update their patterns and […]

The post Fin7 weaponization of DDE is just their latest slick move, say researchers appeared first on Cyberscoop.

Continue reading Fin7 weaponization of DDE is just their latest slick move, say researchers→

Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies

Posted on October 11, 2017 by Chris Bing

A Eastern European hacking group hijacked U.S. state government servers to dispense malware through phishing emails that were designed to appear like they had come from the Securities and Exchange Commission, according to research by Cisco’s Talos team and an analysis by other cybersecurity experts familiar with the activity. The technical findings connect a known advanced persistent threat (APT) group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC’s domain. The messages carried malware-laden Microsoft Word documents mentioning financial disclosure information from the EDGAR system. FIN7 is believed to represent a eastern European criminal enterprise that speaks Russian and operates internationally. Emails tied to this campaign were “highly targeted” and only sent to a small, select group of U.S. businesses in several different industry sectors, including finance, insurance and information technology, said Craig Williams, a senior […]

The post Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies appeared first on Cyberscoop.

Continue reading Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies→

FIN7 Hitting Restaurants with Fileless Malware

Posted on June 13, 2017 by Tom Spring

A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks. Continue reading FIN7 Hitting Restaurants with Fileless Malware→

Carbanak Attackers Devise Clever New Persistence Trick

Posted on May 5, 2017 by Tom Spring

Hackers behind the Carbanak criminal gang have devised a clever way to gain persistence on targeted systems to more effectively pull off financially motivated crimes. Continue reading Carbanak Attackers Devise Clever New Persistence Trick→

This elite cybercrime group is wreaking havoc on the U.S. restaurant industry

Posted on May 3, 2017 by Chris Bing

A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent, brand name restaurants in the U.S. A recently disclosed data breach suffered by Mexican fast food restaurant Chipotle was carried out by hackers linked to a group known as FIN7 or Carbanak Group, CyberScoop has learned. In addition to Chipotle, the hackers appears to be targeting national restaurant franchises Baja Fresh and Ruby Tuesday, according to malware samples and other evidence CyberScoop obtained. More than 20 U.S.-based hospitality companies — a combination of hotels and restaurants — have been successfully hacked by FIN7 since the summer of 2016, two cybersecurity researchers told CyberScoop on the condition of anonymity in order to speak freely regarding ongoing investigations. On February 22, a phishing email carrying an attachment titled “Payment overdue.eml” was sent to an email account associated with a Chipotle location […]

The post This elite cybercrime group is wreaking havoc on the U.S. restaurant industry appeared first on Cyberscoop.

Continue reading This elite cybercrime group is wreaking havoc on the U.S. restaurant industry→

Fileless Malware Campaigns Tied to Same Attacker

Posted on March 16, 2017 by Michael Mimoso

Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group. Continue reading Fileless Malware Campaigns Tied to Same Attacker→