
Rewterz Threat Update – Samsung Confirms A Second Data Breach This Year

September 4, 2022

Severity

High

Analysis Summary

Samsung today announced a fresh data breach after some of its US networks were compromised to obtain user data.

Following the incident in late July 2022, the electronics giant discovered on August 4 that threat actors had gained access to its networks and exfiltrated consumer personal information.

The threat actors got access to the names, contacts, dates of birth, product registration data, and demographic information of Samsung consumers. At the same time, no Social Security or credit card details were compromised as a result of the security incident.

The company mentioned, 

“On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected. We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement.”

According to the company, the information disclosed for each relevant customer may differ, but they are notifying their impacted customers.

[Image: Samsung July data breach notification email]

Samsung claims to have discovered the incident and taken steps to secure the affected systems. In addition, the corporation has recruited a prominent cybersecurity firm to examine the incident, which has been reported to law enforcement.

The company advises its customers to:

  • Be wary of unsolicited communications that request personal information or direct you to a website that requests personal information.
  • Avoid clicking on links or downloading attachments from suspicious emails.
  • Review your accounts for any unusual activity.

Samsung announced another data breach in March 2020 after becoming the target of an attack by the data extortion gang Lapsus$. Threat actors were able to steal private & confidential data.

The group released 190GB of purported Samsung data as evidence of the breach and claimed to have stolen a big trove of sensitive data from Samsung.

On its Telegram channel, the gang published a Torrent file with instructions for downloading the sample data and proclaimed its availability. 

Samsung has not yet responded to a request for further information regarding the July data breach.

Impact

  • Personal Information Theft

Remediations

  • The company recommends that affected customers be wary of unsolicited communications that request personal information or direct them to a website that requests personal information.
  • Avoid clicking on links or downloading attachments from suspicious emails.
  • Review your accounts for any suspicious activity.
  • Maintain cyber hygiene by updating your anti-virus software and implementing a patch management lifecycle.
  • Search for indicators of compromise (IOCs) in your environment using your respective security controls.
  • Enforce access management policies.
  • Do not open emails and attachments from unknown or suspicious sources.
  • Enable two-factor authentication.
     
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.