Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. In June, VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. and Brazil.

Ransomware 128

Ransomware Encryption Metadata Manufacturing 128

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. This prompted several XSS members to start posting memes taunting the group about the security failure. ” one denizen quipped.

Ransomware 259

Ransomware Encryption Insurance Manufacturing 259

Security Affairs

OCTOBER 18, 2022

Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007.

File names 114

File names Encryption Manufacturing Libraries 114

Security Affairs

AUGUST 29, 2021

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder. . Pierluigi Paganini.

Manufacturing 123

Manufacturing Data breaches Encryption Ransomware 123

eSecurity Planet

SEPTEMBER 8, 2021

The cybercriminal gang behind the Ragnar Locker ransomware attacks is threatening victims that it will go public with data captured in an attack if they contact law enforcement agencies or hire negotiators. Many groups will become more aggressive if they themselves feel threatened. Colonial Pipeline paid its DarkSide attackers $4.4

Ransomware 96

Ransomware Manufacturing Risk Encryption 96

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Matter works much the way website authentication and website traffic encryption gets executed. This same approach really could be applied to other industries.

Security 229

Security Manufacturing Authentication Marketing 229

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually.

Ransomware 337

Ransomware Security Agriculture Cybersecurity 337

Security Affairs

FEBRUARY 3, 2022

A China-linked APT group tracked as Antlion used a custom backdoor called xPack that was undetected for months. A China-linked APT group tracked as Antlion is using a custom backdoor called xPack in attacks aimed at financial organizations and manufacturing companies, Symantec researchers reported. ” continues Symantec.

Manufacturing 95

Manufacturing Data collection Encryption Passwords 95

Security Affairs

JANUARY 8, 2024

Documents belonging to the Swiss Air Force were leaked on the dark web after the US security company Ultra Intelligence & Communications suffered a data breach. “According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications.

Communications 117

Communications Ransomware Data breaches Manufacturing 117

IT Governance

MARCH 5, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 183,754,481 records. EasyPark data breach: 21.1 million data records belonging to EasyPark have been listed for sale on a hacking forum.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. Data breached: >7,000,000 records. Data breached: 5,500,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Security Affairs

JUNE 28, 2023

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. The 8BASE group claims to be composed of honest pentesters. “We

Ransomware 93

Ransomware Encryption Manufacturing Business Services 93

IT Governance

MARCH 11, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 36 million records. Data breached: 6,935,412 individuals’ data. Data breached: 6.9 Only 3 definitely haven’t had data breached.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Unsought invoice.

Ransomware 106

Ransomware Phishing Encryption Authentication 106

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware 111

Ransomware Encryption Systems administration Cybersecurity 111

Security Affairs

FEBRUARY 20, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Energy and Utilities 107

Energy and Utilities Ransomware Manufacturing Agriculture 107

Security Affairs

FEBRUARY 21, 2024

. “The Department of State is announcing reward offers totaling up to $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware group.”

Energy and Utilities 95

Energy and Utilities Ransomware Agriculture Manufacturing 95

Security Affairs

MARCH 3, 2023

Unlike other ransomware operations, Royal doesn’t offer Ransomware-as-a-Service, it appears to be a private group without a network of affiliates. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery. ” reads the alert. ” continues the alert.

Ransomware 96

Ransomware Encryption Cybersecurity Communications 96

Security Affairs

APRIL 13, 2019

Hackers publish personal data on thousands of US police officers and federal agents. Media outlet Techcrunch reported that a hacker group has breached several FBI-affiliated websites and leaked the stolen info online. TechCrunch spoke to one of the hackers, who didn’t identify his or her name, through an encrypted chat late Friday. “We

Encryption 101

Encryption Ransomware Manufacturing Personal data 101

Security Affairs

JULY 15, 2022

The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies.

Ransomware 135

Ransomware Encryption Government Manufacturing 135

Security Affairs

MARCH 26, 2021

Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams published an analysis of the latest campaign conducted by financially motivated threat group Hades which have been operating since at least December 2020. . The copy is then deleted and an executable is unpacked in memory.

Ransomware 143

Ransomware Encryption File names Manufacturing 143

Security Affairs

AUGUST 9, 2021

In addition to the encryption of data, victims have received threats that data stolen during the incidents will be published.” Ransomware operators also stole data from the victims and leaked it online when they refused to pay the ransom. This activity has occurred across multiple industry sectors.

Ransomware 111

Ransomware Retail Security Manufacturing 111

IT Governance

APRIL 3, 2023

Welcome to our March 2023 list of data breaches and cyber attacks. You can find the full list of data breaches and cyber attacks below, including our new feature in which we delve into the month’s biggest incidents in a little more detail. This suggests that it had a poor understanding of the attack and rushed to disclose the breach.

Data breaches 119

Data breaches Ransomware Phishing Government 119

Security Affairs

JUNE 3, 2023

The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery. According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education.

Ransomware 97

Ransomware Encryption File names Cybersecurity 97

Security Affairs

JANUARY 12, 2022

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. “Some telemetry data is shown below. The malicious code can also act as a first-stage malware.

Manufacturing 139

Manufacturing File names Archiving Encryption 139

Security Affairs

OCTOBER 13, 2022

The Budworm espionage group resurfaced targeting a U.S.-based This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based The group also targeted a hospital in South East Asia. The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S.

File names 135

File names Financial Services Manufacturing Libraries 135

The Last Watchdog

NOVEMBER 14, 2022

What they came up with is an open-source standard designed to ensure that smart home devices from different manufacturers can communicate simply and securely via an advanced type of mesh network. . PKI also keeps data encrypted as it moves between endpoints. PKI also keeps data encrypted as it moves between endpoints.

IoT 183

IoT Manufacturing Encryption Authentication 183

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample.

Manufacturing 128

Manufacturing Education Encryption IT 128

Security Affairs

MAY 11, 2021

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 127

Ransomware Manufacturing Phishing Encryption 127

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

Security 93

Security Data breaches Military Ransomware 93

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. ” states the data breach notification published by the company. “According to the report, the sample may have been used in an attack on Taiwanese electronics manufacturing company Delta Electronics Inc.

Ransomware 96

Ransomware Computer and Electronics Manufacturing Encryption 96

Security Affairs

SEPTEMBER 13, 2021

As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners.” A ransom note that was found on the infected systems claimed that the company was hit by the BlackMatter ransomware group. ” reads the statement issued by the company.

Ransomware 120

Ransomware Computer and Electronics Manufacturing Encryption 120

Security Affairs

DECEMBER 27, 2021

The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. However, there is no free solution to decrypt data locked by the latest variants of the malware (versions 1.0.5 The malicious code appends.encrypt extension to filenames of encrypted files. TXTT” extension.

Ransomware 129

Ransomware Encryption Manufacturing Passwords 129

IT Governance

MARCH 1, 2023

Welcome to our February 2023 list of data breaches and cyber attacks. It follows a mammoth start to the year, with more than 277 million breached records in January , and brings the running total for the year to over 300 million pieces of compromised personal data. You can find the full list of data breaches and cyber attacks below.

Data breaches 130

Data breaches Ransomware e-Delivery Government 130

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

There are three major threat vectors that harm IoT deployments: Devices are hijacked by malicious software; Data collected and processed in IoT ecosystems is tampered with and impacts the confidentiality, integrity and availability of the information; and, Weak user and device authentication. However, the security mindset is changing.

IoT 96

IoT Manufacturing Energy and Utilities Encryption 96

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. ” reads the report published by the company.

Ransomware 104

Ransomware Passwords Encryption Financial Services 104

Security Affairs

MAY 4, 2023

The City is investigating the scope of the incident with the help of law enforcement, at this time has yet to disclose details on the incident, including the ransomware family that hit its systems and if there is a data breach. However, CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems.

Ransomware 97

Ransomware IT Encryption Education 97