Communications, Information Security, Libraries and Manufacturing

Raspberry Robin spotted using two new 1-day LPE exploits

Security Affairs

FEBRUARY 11, 2024

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The malicious code also changed its communication method and lateral movement to avoid detection. Initial access is typically through infected removable drives, often USB devices.

Communications

Communications Manufacturing Libraries Cybersecurity

Microsoft: Raspberry Robin worm already infected hundreds of networks

Security Affairs

JULY 3, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Now Microsoft confirmed that the threat was discovered on the networks of multiple customers, including organizations in the technology and manufacturing sectors.

Manufacturing

Manufacturing Libraries Communications Cybersecurity

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

Researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. Binarly researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. ” continues the report. that dates back to 2009.

Libraries

Libraries Manufacturing Communications Security

Ongoing Raspberry Robin campaign leverages compromised QNAP devices

Security Affairs

JULY 9, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Last week, Microsoft confirmed that the threat was discovered on the networks of multiple customers , including organizations in the technology and manufacturing sectors.

Manufacturing

Manufacturing Libraries Communications IT

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Security Affairs

JUNE 26, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” concludes the report.

Cleanup

Cleanup Libraries Access Manufacturing

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. Once installed the malware contact the hard-coded.onion address using an embedded custom TOR client designed to communicate with the real payload using shared memory and it to await further commands.

Government

Government Communications Ransomware Manufacturing

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

Security Affairs

JULY 29, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Initial access is typically through infected removable drives, often USB devices. Then msiexec.exe launches a legitimate Windows utility, fodhelper.exe, which in turn run rundll32.exe

Manufacturing

Manufacturing Libraries Access Communications

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America. Like the sample analyzed by Cyberreason, the Spyder Loader sample analyzed by Symantec uses the CryptoPP C++ library. ” continues the report.

File names

File names Encryption Manufacturing Libraries

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

OCTOBER 27, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Initial access is typically through infected removable drives, often USB devices. Then msiexec.exe launches a legitimate Windows utility, fodhelper.exe, which in turn run rundll32.exe

Ransomware

Ransomware Access Encryption Manufacturing

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. Once installed the malware contact the hard-coded.onion address using an embedded custom TOR client designed to communicate with the real payload using shared memory and it to await further commands.

Government

Government Communications Ransomware Manufacturing

Raspberry Robin spreads via removable USB devices

Security Affairs

MAY 7, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. The malware uses TOR exit nodes as a backup C2 infrastructure. Initial access is typically through infected removable drives, often USB devices. exe to execute a malicious command.

Manufacturing

Manufacturing Libraries Cybersecurity Communications

xHelper, the Unkillable Android malware that re-Installs after factory reset

Security Affairs

APRIL 7, 2020

Upon the installation, the malicious app registers itself as a foreground service and extracts an encrypted payload that gathers information about the victim’s device (android_id, manufacturer, model, firmware version, etc.) and sends it to a server under the control of the attackers ([link]. ” continues the report.

Manufacturing

Manufacturing Libraries Access Encryption

The Hacker Mind Podcast: Hacking Teslas

ForAllSecure

JUNE 8, 2022

Even so, the car manufacturers carved out large groups of codes. Since then, car manufacturers have improved on this. And the coffee spur was an attempt to show manufacturers of hands free sets that pre-programmed pin that cannot be changed by the user would not be the ideal way to handle security in this respect.

Manufacturing

Manufacturing Encryption IT Security

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

Security Affairs

AUGUST 3, 2023

The researchers analysed 13 infusion pumps that despite being no longer manufactured are still working in numerous medical organizations worldwide. The Alaris security team explained that the documentation is only accessible to customers that have a support contract with Becton, Dickinson and Company (BD).

Marketing

Marketing Authentication Communications Manufacturing

Information Management Today

Raspberry Robin spotted using two new 1-day LPE exploits

Microsoft: Raspberry Robin worm already infected hundreds of networks

Trending Sources

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Ongoing Raspberry Robin campaign leverages compromised QNAP devices

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Raspberry Robin malware used in attacks against Telecom and Governments

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

China-linked APT41 group targets Hong Kong with Spyder Loader

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Raspberry Robin malware used in attacks against Telecom and Governments

Raspberry Robin spreads via removable USB devices

xHelper, the Unkillable Android malware that re-Installs after factory reset

The Hacker Mind Podcast: Hacking Teslas

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

Stay Connected