10 Most Historic Cyber Attacks That Changed the Internet World
This article discusses the evolution of cyber warfare through historical cyberattacks, emphasizing the importance of cybersecurity in the digital age. It highlights ten significant cyber incidents that have shaped our understanding of digital security, the lessons learned, and the ongoing threats organizations face today. Affected: organizations, government, healthcare, energy, transportation, technology sector

Key points:

Cyberattacks are malicious attempts to steal, damage, or disrupt computer systems and data.…

Victim: MassDevelopment
Country: US
Actor: bianlian
Source: http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion/companies/massdevelopment.com/
Discovered: 2025-01-18 11:58:56.070595
Published: 2025-01-18 11:58:56.070595
Description: MassDevelopment, the state’s development finance agency and land bank, collaborates with businesses, nonprofit organizations, banks, and communities to promote economic growth.


Understanding the Context of MassDevelopment
About the Victim: MassDevelopment
MassDevelopment is the state’s development finance agency and land bank.…
If you think you blocked NTLMv1 in your org, think again
Silverfort has uncovered a significant misconfiguration in Active Directory Group Policy that allows NTLMv1 authentications to persist despite attempts to disable it. This flaw poses a security risk for organizations using on-prem applications, as attackers can exploit this vulnerability to gain unauthorized access. Affected: Active Directory, NTLMv1

Key points:

Silverfort’s research reveals a misconfiguration in Group Policy that allows NTLMv1 authentications to continue.…
Summary: The Middle East is experiencing a surge in sophisticated real estate scams that exploit digital platforms, particularly targeting expatriates and newcomers. Scammers utilize fraudulent advertisements and manipulated rental agreements to deceive victims, often resulting in significant financial losses. Group-IB’s report highlights the operational scale of these scams and emphasizes the need for enhanced fraud detection and proactive measures by organizations.…
In Other News: Lawsuits and Settlements, CrowdStrike Phish, MITRE’s D3FEND 1.0 
Summary: This week’s cybersecurity news roundup highlights significant developments in the field, including new tools, vulnerabilities, and legal actions involving major companies. Key stories include the launch of MITRE’s D3FEND 1.0, a phishing campaign targeting CrowdStrike, and various lawsuits related to data breaches. The roundup emphasizes the evolving landscape of cyber threats and the ongoing efforts to enhance security measures.…
Summary: Michael Scheuer, a former Disney employee, pleaded guilty to hacking Disney’s computer network to alter food menus, endangering guests with false allergen information. In a separate case, Alexandru Ionut Gheorghe and Marian Aurelian Neacsu were charged with using skimming devices to steal bank card data, resulting in significant financial losses.…
Wultra Raises €3 Million for Post-Quantum Authentication
Summary: Wultra, a Czech startup specializing in authentication solutions, has raised €3 million (~$3.1 million) in seed funding to enhance its post-quantum technology. The company aims to provide secure authentication methods that can withstand future quantum threats, catering primarily to banks and fintech companies. With plans for expansion into Southeast Asia and the opening of a Singapore office, Wultra is positioned to lead in quantum-resistant security solutions.…
Label giant Avery says website hacked to steal credit cards
Summary: Avery Products Corporation has reported a data breach resulting from a hack on their website, which compromised customers’ credit card and personal information. The breach occurred between July 18, 2024, and December 9, 2024, affecting over 61,000 customers. Avery is offering free credit monitoring services to those impacted and has set up a dedicated assistance line for inquiries related to the incident.…
Summary: This week’s cybersecurity news roundup highlights significant developments, including vulnerabilities, data breaches, and geopolitical implications involving major companies and organizations.

Threat Actor: Natohub, Silk Typhoon
Victim: International Civil Aviation Organization, Bank of America, Green Bay Packers

Key point:

The US Defense Department has linked Tencent and CATL to the Chinese military.…
Medical billing firm Medusind discloses breach affecting 360,000 people
Summary: Medusind, a healthcare billing provider, has reported a data breach affecting over 360,000 individuals, exposing sensitive personal and health information. The breach was detected in December 2023, and the company is offering affected individuals two years of free identity monitoring services.

Threat Actor: Cybercriminals
Victim: Medusind

Key point:

The breach exposed personal and health information, including health insurance details, payment information, and government IDs.…
Thousands of credit cards stolen in Green Bay Packers store breach
Summary: The Green Bay Packers reported a cyber breach that compromised the credit card data of over 8,500 customers through their Pro Shop online store. The incident involved a credit card skimmer that harvested sensitive information during the checkout process.

Threat Actor: Cybercriminals
Victim: Green Bay Packers

Key point:

Over 8,500 customers had their credit card information stolen due to a breach in the Packers’ Pro Shop website.…
Cyber Briefing: January 7, 2025
This article discusses various recent cyber threats and incidents, including advanced backdoor attacks targeting AI models, data-stealing plugins, critical vulnerabilities in routers, and cyber espionage campaigns. It highlights the need for vigilance and updated security measures across multiple sectors. Affected Platform: Android, WordPress, Discord, various routers, telecommunications companies

Key points:

BARWM is a new backdoor attack method targeting deep learning models on mobile devices.…
Green Bay Packers’ online store hacked to steal credit cards
Summary: The Green Bay Packers have reported a security breach involving their online retail store, where a threat actor injected a card skimmer script to steal customers’ personal and payment information. The team has since disabled payment capabilities and initiated an investigation into the incident.

Threat Actor: Unknown
Victim: Green Bay Packers

Key point:

The breach occurred between late September and October 2024, affecting customers who used specific payment options.…
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks
Summary: The U.S. Treasury has sanctioned the Beijing-based cybersecurity firm Integrity Technology Group for its alleged involvement in hacking incidents targeting critical U.S. infrastructure, prompting a strong denial and condemnation from China. Chinese officials assert that the U.S. is misrepresenting the situation to defame China while also reporting cyberattacks on its own networks.…
Weekly Phishing Email Distribution Cases (2024/12/22~2024/12/28) – ASEC
This article provides information on phishing email attacks observed from December 22 to December 28, 2024, detailing email subjects, attachments, and URLs. It distinguishes between fake login pages and malware types, including information stealers and downloaders. The phishing emails discussed contain attachments, with the numbers in the email subjects and attachment names typically serving as unique IDs that may vary by recipient.…

Summary: Argentina’s airport security police (PSA) experienced a cyberattack that compromised personal and financial data, leading to unauthorized deductions from employees’ salaries. The breach is believed to have exploited a vulnerability in Banco Nación’s systems, raising concerns about internal accomplices and the motivations behind the attack.…

Summary: In 2024, cyber threats targeting SaaS platforms surged dramatically, with significant increases in password attacks and phishing attempts resulting in billions in losses. Security teams must prioritize risk assessments and adopt monitoring tools to defend against evolving threats from notable cybercriminals.

Threat Actor: ShinyHunters
Victim: Snowflake

Key point:

ShinyHunters exploited a misconfiguration to breach over 165 organizations, emphasizing the importance of proper security measures.…