Connect with us

IT Industry

Massive Gift Card-Motivated Campaign Targets Victims with Commercially Available Tools

GlobeNewswire

Published

on

Reading Time: 2 minutes

SAN FRANCISCO, June 26, 2019 (GLOBE NEWSWIRE) — RiskIQ, the global leader in attack surface management, today published a threat intelligence report detailing its discovery of a sophisticated, far-ranging threat campaign using commercially available and open-source marketing tools to launch phishing attacks against an array of organizations, many of which deal with gift cards.

This threat group’s activities initially surfaced when investigative journalist Brian Krebs reported on the breach of IT supplier Wipro on his website “Krebs on Security,” explaining how Wipro’s IT systems were compromised and used to attack the company’s customers. However, RiskIQ data pointed to this attack being far from an isolated incident.

The report shows how the campaign is, in reality, a highly targeted and well-orchestrated operation with a reach that far exceeds the compromised infrastructure of Wipro and involves a long list of targets dating back to 2016. Although attribution cannot be confirmed, the group’s numerous concurrent attacks display hallmarks of some state-sponsored activity such as precision, organization, and, likely, a financial motive.

Infrastructure overlap in PDNS, WHOIS, and SSL certificate data sets allowed RiskIQ researchers to profile this group and surface and connect its infrastructure.

“With RiskIQ’s data-collection grid and unique external view of threat actor operations, we could piece together a more complete picture of this group and their attack campaigns, tools, and possible motives,” said Yonathan Klijnsma, Head Researcher at RiskIQ. “The sheer scale of the infrastructure involved in this campaign and the concerted effort to attack so many different organizations at once is both impressive and disturbing.”

Report highlights include:

  • The group leveraged widely used email marketing and analytics tools to create effective email phishing campaigns and appear legitimate to targets’ network security.
  • The group primarily targets major gift card retailers, distributors, and card processors.
  • With access to this gift card infrastructure, the attackers use money transfer services, clearinghouses, and other payment processing institutions to monetize.
  • One of the PowerShell scripts used by the group, BabySharkPro, is often associated with North Korean threat activity. However, this may have been a false flag put in place to mislead researchers.
  • Subsequent attacks on IT infrastructure organizations like Wipro represent broader targeting by the threat group likely in an attempt to widen its reach.

Download the full report here: https://www.riskiq.com/research/gift-cardsharks/

About RiskIQ

RiskIQ is the global leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, security teams, and CISOs, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action. Its software protects businesses, brands, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures.
Visit https://www.riskiq.com or follow us on Twitter. Try RiskIQ Community Edition for free by visiting https://www.riskiq.com/community/

© 2019 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.

Contact
Holly Hitchcock
Front Lines Media
805-801-9798
Holly@FrontLines.io

GlobeNewswire is one of the world's largest newswire distribution networks, specializing in the delivery of corporate press releases financial disclosures and multimedia content to the media, investment community, individual investors and the general public.

IT Industry

IDEX begins deliveries of its dual-interface sensor to world class electronics manufacturer

GlobeNewswire

Published

on

Reading Time: 1 minute

Oslo, Norway, 15 October 2019: IDEX Biometrics ASA, a leading provider of advanced fingerprint identification and authentication solutions, has received a purchase order and initiated production ramp preparations to fulfill a multi-year order commitment signed with a leading provider of global financial news and IT services, as announced in April this year.

As part of this multimillion-dollar commitment IDEX is supplying its dual-interface sensors to one of the world’s largest electronics manufacturing service companies in order to qualify their manufacturing process; a critical step in any ramp-up process.

Stan Swearingen, CEO of IDEX Biometrics comments: “This is an exciting time for IDEX as we gear up volume production with our partners in what will be a cutting-edge, secure access solution. We now expect a regular flow of purchase orders from this customer and look forward to being an integral part of the rollout of their enhanced biometric security solutions”.

For further information contact:
Stuart Hunt, Head of Investor Relations & Communications
+44 (0)1276 534 632

About IDEX Biometrics
IDEX Biometrics ASA (OSE: IDEX) is the leading provider of fingerprint identification technologies offering simple, secure and personal authentication for all. We help people make payments, prove their identity, gain access to information, unlock devices or gain admittance to buildings with the touch of a finger. We invent, engineer and commercialize these secure, yet incredibly user-friendly solutions. Our total addressable market represents a fast-growing multi-billion-unit opportunity.

For more information, visit www.idexbiometrics.com and follow @IDEXBiometrics

This information is subject to the disclosure requirements pursuant to section 5-12 of the Norwegian Securities Trading Act.

Continue Reading

IT Industry

Global e∙dentity™ files its third formal USPTO 37CFR1.290 request in six months against Apple AAPL (NASDAQ)

GlobeNewswire

Published

on

Reading Time: 1 minute

WILMINGTON, Del., Oct. 15, 2019 (GLOBE NEWSWIRE) — Global e∙dentity™, founded by Robert Adams, U.S. Navy veteran who along with the most amazing engineers & team, have developed and patented the next generation of identity protocol methods, has now filed its third 37CFR1.290 request with the USPTO within in six months against Apple; the formal third-party review request with the USPTO is in opposition to Apple newest patent application 16/262032 published on September 12, 2019. Adams stated that Global e∙dentity™ had “no choice, and once again, file a new third-party action with the USPTO in response to Apple’s latest published patent application.”  USPTO new third party filing is noted on the Global e·dentity™ website: https://www.globaledentity.com/third-party-review-uspto3/

Global e∙dentity™ was featured on Featured on KRON4 — San Francisco Bay Area’s Local TV www.globaledentity.com/2019/06/22/kron4-apple-intellectual-property-theft-and-patent-violations with regards the first of two third-party actions with the USPTO against Apple.  Adams continued, “We are indeed flattered that Apple has now filed, not one, not two, but now a third patent application based on our already patented technology 10,135,822 Biometric authentication of individuals utilizing characteristics of bone and blood vessel structures and its continuation patents.   Having said that, the key question remains: Why did Apple fail to inform the USPTO they had in their possession per their request, all of our trade secrets and provisional patent as early as March/April 2017 when negotiations started between representatives of Apple and Global e∙dentity?”

Global e·dentity™, is young well-funded tech start-up company with national security applications in mind; providing secure multi-factor biometric and digital identity solutions. For more information, visit www.globaledentity.com. Global e·dentity™ and product are either registered trademarks or trademarks of You are the ID ™ LLC in the United States and/or other countries.

For more information, press only: Sophia Miller  sophiam@globaledentity.com

Continue Reading

IT Industry

Digia Plc will publish its business review January-September 2019 on October 31, 2019

GlobeNewswire

Published

on

Reading Time: 1 minute

Digia Plc
Investor News
15 October 2019 at 09:00 am


Digia Plc will publish its business review January-September 2019 on Thursday 31 October at 8:00 am EET (GMT +2). After the publishing the report is available on: https://digia.com/en/investors/stock-exchange-releases/.

Timo Levoranta, President & CEO, and Kristiina Simola, CFO, will present the financial results in Finnish at an analyst and press conference in Helsinki on Thursday, October 31, 2019 at 11.00 am (EET). The conference will take place at Business Meeting Park in Helsinki (address: Forum, Mannerheimintie 20 B, 6th floor. Entrance from the glass corner of Mannerheimintie and Simonkatu).

The material and presentation for the event will be available from 11 am on October 31, 2019 in the Investors section of the company’s website: www.digia.com/en/investors/reports-and-presentations.

Digia Oyj
Timo Levoranta, CEO


Additional information:

Kristiina Simola, CFO, tel. +358 40 756 3132

Distribution:
Nasdaq Helsinki
Key media
digia.com

Digia is a software and service company that helps its customers renew themselves digitally. There are more than 1,200 of us working at Digia. Our roots are in Finland and we operate with our customers in Finland and abroad. world. We are building a world in which digitalisation makes a difference. Digia net sales were EUR 112.1 million in 2018. The company is listed on Nasdaq Helsinki (DIGIA). digia.com

Continue Reading

Font Resizer

Subscribe to PICANTE via Email

Enter your email address to subscribe to PICANTE and receive notifications of new posts by email.

Follow us on Facebook

Read more from our authors

Follow our Tweets

Trending

Please turn AdBlock off