Ransomware gang Egregor publishes details from HR firm Randstad following hack

A cybercriminal group breached the IT systems of Randstad, one of the largest head-hunting companies in the world, and published some internal corporate data in an apparent extortion attempt, the firm said Thursday. Netherlands-based Randstad pointed the finger at the criminal gang behind Egregor, a nascent type of ransomware that’s struck multiple organizations in recent weeks. The attackers gained access “to our global IT environment and to certain data, in particular related to our operations in the US, Poland, Italy and France,” Randstad said in a press release. “A limited number of servers were impacted.” Randstad, which employed more than 38,000 people last year and reported more than $28 billion in revenue, said it was still identifying what data had been accessed. Law enforcement and third-party investigators are also involved in the matter, the company said. “We believe the incident started with a phishing email that initiated malicious software to […]

The post Ransomware gang Egregor publishes details from HR firm Randstad following hack appeared first on CyberScoop.


Malware activity spikes 128%, Office document phishing skyrockets

Nuspire released a report outlining new cybercriminal activity and tactics, techniques and procedures (TTPs) throughout Q3 2020, with additional insight from Recorded Future. Threat actors becoming even more ruthless The report demonstrates threat act…

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike.

Android ransomware authors have a new trick to go with an old shakedown technique

Mobile ransomware scams — in which crooks lock your phone and demand money — are nothing new. But they are getting more clever as cybercriminals find new ways to circumvent security. The latest example is a ransomware scheme targeting Android phones that Microsoft made public Thursday. According to the research, the malicious code gets around security checks that Google, which owns Android, has instituted against previous ransomware kits. Instead of abusing a permission feature that controls what apps can do on the phone, as other mobile ransomware scams have, this one triggers an incoming call notice to display the ransom note. It’s “the latest variant of a ransomware family that’s been in the wild for a while but has been evolving non-stop,” Dinesh Venkatesan, a Microsoft researcher, wrote in a blog. Mobile ransomware generally isn’t as profitable as ransomware attacks on PCs or enterprise networks. But Allan Liska, an analyst at threat […]

The post Android ransomware authors have a new trick to go with an old shakedown technique appeared first on CyberScoop.


Public disclosure didn’t stop suspected Chinese hackers from targeting the Vatican

Hackers with suspected ties to the Chinese government kept up their operations in the weeks after they were caught targeting the Vatican, according to Recorded Future findings published Tuesday. Recorded Future researchers first called out the hacking group’s focus on the Vatican and Hong Kong’s Catholic Diocese in July, after which the hackers appeared to briefly pause their activity, in a likely effort to evade detection. But within two weeks, the hackers, known as RedDelta, had resumed their activities, aiming to infiltrate mail servers of the Vatican and the Hong Kong Catholic Diocese, researchers said. “This is indicative of RedDelta’s persistence in maintaining access to these environments for gathering intelligence, in addition to the group’s aforementioned high risk tolerance,” the researchers write in a blog post on the matter. China has long had an interest in collecting intelligence on religious groups in the region, and in particular on Catholics, ever since the Vatican […]

The post Public disclosure didn’t stop suspected Chinese hackers from targeting the Vatican appeared first on CyberScoop.


Microsoft Patch Tuesday, Sept. 2020 Edition

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users.

Ransomware hits two state-run organizations in the Middle East and North Africa

A strain of ransomware designed to disrupt computers’ booting processes hit government-run organizations in the Middle East and North Africa in July, researchers said Friday, in the latest example of data-wiping tools being aimed at key organizations in the region. The ransomware attacks used Thanos, a type of malware that surfaced earlier this year and has gained traction on underground forums, according to analysts at Palo Alto Networks. In an increasingly popular tactic among ransomware gangs, Thanos is sold “as a service” to other hackers interested in deploying it. That can make the attacks harder to trace, and allow users to develop their own custom features. The motives behind the attacks are mysterious. A hacker interested in getting paid typically doesn’t disrupt a machine to make it harder for a victim to hand over the ransom. Yet that’s exactly what the perpetrators of the July attacks attempted to do: Their […]

The post Ransomware hits two state-run organizations in the Middle East and North Africa appeared first on CyberScoop.


‘Wormable’ Flaw Leads July Microsoft Patches

Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, “wormable” flaw in Windows Server versions that Microsoft says is likely to be exploited soon. While this particular weakness mainly affects enterprises, July’s care package from Redmond has a little something for everyone. So if you’re a Windows (ab)user, it’s time once again to back up and patch up (preferably in that order).

In Brazil, scammers see the coronavirus as a serious money-making opportunity

Brazilian President Jair Bolsonaro’s critics say he hasn’t taken the impact of the coronavirus seriously. The same can’t be said for Brazil’s cybercriminals. As deaths from the virus have surged past 66,000 in Brazil, scammers have set up new infrastructure to dupe people who are desperate for relief, and have set up bank accounts in their names. At a time when even more people in South America’s biggest country are glued to their phones or computers, Brazil’s already-flourishing cybercriminal economy has been busy. “Scam operations have been highly effective in Brazil, from the first announcement of the government assistance program,” Jefferson Macedo, managing consultant on IBM’s X-Force security team, told CyberScoop. IBM has uncovered nearly 700 malicious websites related to COVID-19, the disease caused by the virus, in recent months. The crooks are impersonating government apps used to sign up for financial relief and sending people a flurry of text […]

The post In Brazil, scammers see the coronavirus as a serious money-making opportunity appeared first on CyberScoop.


Magecart-related group hits 570 websites, taking 184,000 card numbers

Hackers who targeted 570 e-commerce sites to steal customer financial information compromised more than 180,000 payment cards as part of a covert fraud effort, according to new research analysis. The group, known as “Keeper,” inserted malicious computer code onto the sites, typically by exploiting weaknesses in technology provided by the sites’ third-party software suppliers. The attack technique, broadly known as Magecart, has struck many thousands of merchants in recent years, ranging from British Airways and NutriBullet to smaller stores. Gemini Advisory, a threat intelligence startup that scans criminal forums for stolen payment card data, announced the latest campaign in a report published Tuesday. Since April 2017, the Keeper group has aimed to infect 570 websites based in 55 countries, most often in the U.S., U.K. and the Netherlands. Researchers found an unsecured access log belonging to the Keeper group containing 184,000 compromised payment cards from between July 2018 until April […]

The post Magecart-related group hits 570 websites, taking 184,000 card numbers appeared first on CyberScoop.
