Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. . .” Pierluigi Paganini.

Manufacturing 93

Manufacturing Business Services Communications IT 93

Security Affairs

NOVEMBER 19, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. and Brazil.

Ransomware 122

Ransomware Encryption Metadata Manufacturing 122

Security Affairs

JUNE 28, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. ” Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. and Brazil. and Brazil.

Ransomware 85

Ransomware Encryption Manufacturing Business Services 85

Security Affairs

AUGUST 21, 2021

The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows PetitPotam vulnerabilities to take over Windows domains. “The LockFile ransomware was first observed on the network of a U.S. Pierluigi Paganini.

Ransomware 135

Ransomware Encryption Financial Services Manufacturing 135

Security Affairs

NOVEMBER 1, 2021

Both Remcos and NanoCore are used for information gathering, data exfiltration, surveillance, and control of the victims’ computers. . The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. ” reads the analysis published by the experts.

Healthcare 91

Healthcare Phishing Manufacturing Government 91

Security Affairs

JULY 6, 2020

Global IT services and solutions provider DXC Technology disclosed a ransomware attack that infected systems at its Xchanging subsidiary. Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry.

Ransomware 75

Ransomware Insurance Financial Services Manufacturing 75

Security Affairs

AUGUST 31, 2021

The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows PetitPotam vulnerabilities to take over Windows domains. The HTA ransom note used by LockFile closely resembles the one used by LockBit 2.0 Pierluigi Paganini.

Encryption 104

Encryption Ransomware Financial Services Manufacturing 104