Analysis, Manufacturing and Ransomware - Information Management Today

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. ” they wrote.

Ransomware

Ransomware Encryption Manufacturing Phishing

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware

Ransomware Encryption Metadata Manufacturing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Passwords

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Extension: blacksuit.

Ransomware

Ransomware Encryption File names Cybersecurity

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro researchers have spotted a new variant of the Agenda ransomware (aka Qilin) that is written in Rust Language. ” reads the analysis published by Trend Micro. AGENDA.THIAFBB.”

Ransomware

Ransomware Encryption Passwords Education

Breakdown of a Break-in: A Manufacturer's Ransomware Response

Dark Reading

NOVEMBER 16, 2020

The analysis of an industrial ransomware attack reveals common tactics and proactive steps that businesses can take to avoid similar incidents.

Manufacturing

Manufacturing Ransomware

RansomExx Ransomware upgrades to Rust programming language

Security Affairs

NOVEMBER 24, 2022

RansomExx ransomware is the last ransomware in order of time to have a version totally written in the Rust programming language. The operators of the RansomExx ransomware (aka Defray777 and Ransom X) have developed a new variant of their malware, tracked as RansomExx2, that was ported into the Rust programming language.

Ransomware

Ransomware Encryption Manufacturing Government

Holy Ghost ransomware operation is linked to North Korea

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530.

Ransomware

Ransomware Encryption Government Manufacturing

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. ” reads the Elliptic’s report.

Ransomware

Ransomware Blockchain Retail Insurance

RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Ransomware

Ransomware Energy and Utilities Encryption Manufacturing

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. organizations since 2020.

Ransomware

Ransomware Cybersecurity Agriculture Education

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

JUNE 28, 2023

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. and Brazil. and Brazil. ” reported NCC. ” continues the report.

Ransomware

Ransomware Encryption Manufacturing Business Services

Hades ransomware gang targets big organizations in the US

Security Affairs

MARCH 26, 2021

Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. . Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization.

Ransomware

Ransomware Encryption File names Manufacturing

Best Ransomware Removal and Recovery Services

eSecurity Planet

OCTOBER 5, 2021

Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its critical data. Ransomware Protection and Recovery Steps. Ransomware removal tools. Ransomware recovery services. Data backup.

Ransomware

Ransomware Encryption Cybersecurity Insurance

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. ” continues the report.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. ech0raix ransomware operators demand a ransom raising from.024 TXTT” extension. 024 ($1,200) up to.06 06 bitcoins ($3,000).

Ransomware

Ransomware Encryption Manufacturing Passwords

Audio equipment maker Bose Corporation discloses a ransomware attack

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose Corporation has announced it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose first detected the malware/ransomware on Bose’s U.S.

Ransomware

Ransomware Manufacturing Encryption Passwords

UK Suffers Third Highest Rate of Ransomware Attacks in the World

IT Governance

SEPTEMBER 30, 2022

UK organisations suffer the third highest rate of ransomware attacks globally, with small businesses most at risk, a report by NordLocker has found. The other most vulnerable sectors were business services (23), construction (22), manufacturing (19) and transport (18). What else should organisations do?

Ransomware

Ransomware Manufacturing Data breaches Risk

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Luxottica Group S.p.A. Pierluigi Paganini.

Ransomware

Ransomware IT Retail Manufacturing

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

AUGUST 31, 2021

Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang started its operations last month, recently it was spotted targeting Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.

Encryption

Encryption Ransomware Financial Services Manufacturing

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs

MAY 16, 2021

Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Communications Risk

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

It is one of the largest pharmaceutical companies globally, engaged in the research, development, manufacturing, and marketing of a wide range of healthcare products. The analysis conducted on the ransomware revealed it was designed to look like ransomware but was wiper malware designed for sabotage purposes.

Insurance

Insurance Healthcare Manufacturing Ransomware

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

KnowBe4

OCTOBER 19, 2023

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One.

Phishing

Phishing Manufacturing Education Ransomware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption File names Passwords

At least 31 US Businesses targeted with WastedLocker Ransomware

Security Affairs

JUNE 29, 2020

Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. The malicious code was first documented by researchers from the NCC Group’s report and later Symantec published its own analysis. ” reads the analysis published by Symantec. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Access Security

Orange Business Services hit by Nefilim ransomware operators

Security Affairs

JULY 17, 2020

Security researchers at Cyble reported that Nefilim ransomware operators allegedly targeted the mobile network operator Orange. Researchers from Cyble came across a post of Nefilim ransomware operators which were claiming to have stolen sensitive data of Orange S.A., one of the largest mobile networks based in France.

Business Services

Business Services Ransomware Manufacturing Archiving

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

The QakBot banking trojan has dropped the ProLock ransomware, they are now opting for the Egregor ransomware in their operations. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. ProLock = Egregor.

Ransomware

Ransomware Retail Encryption Manufacturing

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

Security Affairs

JUNE 26, 2022

China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations.

Ransomware

Ransomware Healthcare Manufacturing Encryption

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

The Cuba Ransomware gang has partnered with the crooks behind the Hancitor malware in attacks aimed at corporate networks. Group-IB Threat Intelligence & Attribution team found that Hancitor is being actively used by the threat actors to deploy Cuba ransomware. Cuba ransomware has been active since at least January 2020.

Ransomware

Ransomware Education Manufacturing Healthcare

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack techniques, as well as impact and motivation analysis.

Artificial Intelligence

Artificial Intelligence Ransomware Cybersecurity Manufacturing

A new NAS Ransomware targets QNAP Devices

Security Affairs

JULY 11, 2019

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. The malicious code appends.

Ransomware

Ransomware Encryption Manufacturing Security

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. About Group-IB.

Ransomware

Ransomware Phishing Encryption Authentication

Wind Turbine giant Deutsche Windtechnik hit by a professional Cyberattack

Security Affairs

APRIL 27, 2022

“The forensic analysis has been completed and the result has shown that this was a targeted professional cyber attack.” ” Deutsche Windtechnik did not disclose details about the attack, but experts believe that the company was hit with ransomware. .” reads the press release published by the company.

Manufacturing

Manufacturing Ransomware Cybersecurity Security

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. ALPHV/BlackCat ransomware gang adds 2.7 TB of ASA Electronics data to its leak site The ALPHV/BlackCat ransomware gang is attempting to extort a ransom from ASA Electronics for 2.7

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2

Data Privacy

Data Privacy Manufacturing Privacy Security

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

The gang behind the DoppelPaymer ransomware has stolen internal confidential documents belonging to some of the largest aerospace companies in the world from the industrial contractor Visser Precision. Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing.

Ransomware

Ransomware Manufacturing Military Cybersecurity

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

QNAP is warning customers of ransomware attacks targeting network-attached storage (NAS) devices exposed online. Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. In December a new wave of ech0raix ransomware attacks targeted QNAP NAS devices.

Ransomware

Ransomware Security Encryption Systems administration

Money Message gang leaked private code signing keys from MSI data breach

Security Affairs

MAY 8, 2023

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site. In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Data breaches

Data breaches Ransomware Manufacturing Authentication

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

The experts observed the use of NineRAT at around September 2023 against a European manufacturing entity. ” reads the analysis published by Talos. Additionally, Andariel has been involved in ransomware attacks against healthcare organizations in certain instances.

Agriculture

Agriculture Data collection Access Manufacturing

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

The malware was first spotted on September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The DEV-0206-associated FakeUpdates activity on affected systems has since led to follow-on actions resembling DEV-0243 pre-ransomware behavior.”. ” reported IBM.

Security awareness

Security awareness Manufacturing Ransomware Cybersecurity

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Incident details: Network security incident, where allegedly AlphV gained unauthorised access and made demands to the hospital’s leadership, suggesting a ransomware attack.

Data Privacy

Data Privacy Privacy Security Data breaches

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. On September 18, 2020, Luxottica was hit by a ransomware attack that took place on September 18.

Data breaches

Data breaches Retail Sales Ransomware

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The worm was attributed by IBM to the cybercrime gang Evil Corp , however, it is used by multiple threat actors to deliver malicious payloads such as the Clop ransomware.

Government

Government Communications Ransomware Manufacturing

Researchers Quietly Cracked Zeppelin Ransomware Keys

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Webinars

Trending Sources

8Base ransomware operators use a new variant of the Phobos ransomware

Webinars

FBI and CISA warn of attacks by Rhysida ransomware gang

New Linux Ransomware BlackSuit is similar to Royal ransomware

Experts spotted a variant of the Agenda Ransomware written in Rust

Breakdown of a Break-in: A Manufacturer's Ransomware Response

RansomExx Ransomware upgrades to Rust programming language

Holy Ghost ransomware operation is linked to North Korea

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

Cybersecurity agencies published a joint LockBit ransomware advisory

Experts warn of a spike in May and June of 8Base ransomware attacks

Hades ransomware gang targets big organizations in the US

Best Ransomware Removal and Recovery Services

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Audio equipment maker Bose Corporation discloses a ransomware attack

UK Suffers Third Highest Rate of Ransomware Attacks in the World

Nefilim ransomware gang published Luxottica data on its leak site

LockFile Ransomware uses a new intermittent encryption technique

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

FBI published a flash alert on Mamba Ransomware attacks

At least 31 US Businesses targeted with WastedLocker Ransomware

Orange Business Services hit by Nefilim ransomware operators

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

A new NAS Ransomware targets QNAP Devices

Group-IB detects a series of ransomware attacks by OldGremlin

Wind Turbine giant Deutsche Windtechnik hit by a professional Cyberattack

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

How to secure QNAP NAS devices? The vendor’s instructions

Money Message gang leaked private code signing keys from MSI data breach

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

The Week in Cyber Security and Data Privacy: 16–22 October 2023

2021 data breach exposed data of 70 Million Luxottica customers

Raspberry Robin malware used in attacks against Telecom and Governments

Stay Connected