Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The group used a variety of attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. ” reads the post published by Microsoft.

Encryption 110

Encryption Ransomware Blockchain Libraries 110

Security Affairs

JULY 28, 2021

BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its leak site where it will publish data exfiltrated from the victims before encrypting their system.

Ransomware 120

Ransomware Encryption Access IT 120

Security Affairs

JUNE 7, 2023

The PowerShell-based malware uses advanced techniques to evade detection, including deception, encoding, and encryption. Adlumin recommends organizations in the aerospace defense industry remain vigilant against PowerDrop. “It aerospace defense industry appeared first on Security Affairs. aerospace sector.

Encryption 82

Encryption Cybersecurity IT Access 82

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. The company is a major player in the UK water industry, it employs over 6,000 people and has an annual turnover of over £1 billion. Black Basta posts UK water utility Southern Water. southernwater.co[.]uk

Encryption 111

Encryption Ransomware Blockchain Insurance 111

Security Affairs

OCTOBER 8, 2020

A previously unknown threat actor, tracked as MontysThree , composed of Russian speaking members targets Russian industrial organizations. Kaspersky Lab researchers spotted a new threat actor, tracked as MontysThree , composed of Russian speaking members targets Russian industrial organizations.

Encryption 98

Encryption Archiving Communications Cloud 98

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. The company earned $770 million in 2022.

Manufacturing 84

Manufacturing Ransomware Sales Encryption 84

Security Affairs

MARCH 15, 2023

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. According to its own estimates, Safran Group ’s revenue for 2022 was above €19 billion.

Manufacturing 86

Manufacturing Access Risk IT 86

Security Affairs

JULY 5, 2020

Experts spotted recent samples of the Snake ransomware that were isolating the infected systems while encrypting files to avoid interference. Snake Ransomware is suspected to have been employed in a ransomware attacks that hit Fresenius Group, Europe’s largest hospital provider, and the Japanese carmaker Honda.

Encryption 94

Encryption Ransomware Cybersecurity Archiving 94

Security Affairs

AUGUST 2, 2021

The experts analyzed encryption algorithms in a decryptor used by BlackMatter, which is actively attacking corporate entities. Oil and gas industry (pipelines, oil refineries). Defense industry. The post More evidence suggests that DarkSide and BlackMatter are the same group appeared first on Security Affairs.

Ransomware 114

Ransomware Encryption IT Security 114

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. In June, VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. and Brazil.

Ransomware 119

Ransomware Encryption Metadata Manufacturing 119

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 134

Encryption Ransomware Communications Cybersecurity 134

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware 88

Ransomware Encryption Education Phishing 88

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware 96

Ransomware Encryption Government Retail 96

DLA Piper Privacy Matters

AUGUST 8, 2023

Such regulated processing activities mainly include those carried out in the following business areas: monetary policy, cross-border RMB transactions, inter-bank transactions, comprehensive financial industry statistics, payment and clearing, currency management and digital RMB, treasury management, credit collection and anti-money-laundering.

Financial Services 98

Financial Services Personal data Compliance Data collection 98

Security Affairs

FEBRUARY 25, 2021

North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. ” reads the press release published by Kaspersky.

Encryption 91

Encryption Access Phishing Passwords 91

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

Security 126

Security Passwords Cybersecurity Government 126

eSecurity Planet

JUNE 24, 2021

The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. However, there is a glaring weakness. Putting a Focus on FHE. It’s available on GitHub. DARPA Gets In on the Effort.

Encryption 86

Encryption Cloud Libraries Privacy 86

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation.

Ransomware 121

Ransomware Data breaches Digital transformation Encryption 121

Info Source

SEPTEMBER 1, 2020

Newest working group member to enhance the TWAIN Direct specification with consulting and development services. P3iD develops key technologies that address such concerns, and form part of the mission of the company to bring intelligent insight to the TWAIN Working Group through secure, easy and effective document capture. “A

Authentication 80

Authentication Digital transformation Cloud Encryption 80

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. “Don’t pay,” the agent said.

Ransomware 300

Ransomware Encryption Manufacturing Phishing 300

Security Affairs

APRIL 18, 2021

Fedir Hladyr (35), a Ukrainian national was sentenced today to 10 years in prison for his role in the financially motivated group FIN7, aka Carbanak. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak. The man is suspected to be a supervisor of the group.

Systems administration 110

Systems administration Encryption Communications Security 110

Security Affairs

FEBRUARY 26, 2024

ThyssenKrupp AG is a German industrial engineering and steel production multinational conglomerate. “The IT security of Automotive Body Solutions recognized the incident early on and has now contained the danger with the IT security of the Thyssenkrupp Group ,” Veit told the website Golem.de.

Ransomware 96

Ransomware Encryption Access Security 96

Security Affairs

SEPTEMBER 28, 2021

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. ” The attackers use the version.dll DLL to load FoggyWeb which is stored in the encrypted file Windows.Data.TimeZones.zh-PH.pri. Follow me on Twitter: @securityaffairs and Facebook.

Encryption 82

Encryption Military Government Access 82

Krebs on Security

SEPTEMBER 18, 2023

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The 8Base ransomware group’s victim shaming website on the darknet.

Ransomware 229

Ransomware Communications Encryption IT 229

Security Affairs

MAY 22, 2020

The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. ” concludes ESET.

Healthcare 99

Healthcare Encryption Passwords IT 99

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”. The operators were less concerned about the industry and more focused on scale.

Ransomware 115

Ransomware Encryption Marketing Access 115

AIIM

JUNE 21, 2018

In light of recent events, we can all agree that information security has been criminally overlooked on some major fronts across most industries. Encryption is Key. In other words, encrypting your file systems can prevent a massive amount of damage that would have occurred if not for the encryption process. Conclusion.

Passwords 98

Passwords Encryption Information Security Privacy 98

Security Affairs

FEBRUARY 23, 2022

Pangu Lab researchers disclosed details of the Bvp47 backdoor that was used by the US NSA Equation Group. National Security Agency (NSA) Equation Group. The name “ Bvp47 ” comes form numerous references to the string “Bvp” and the numerical value “0x47” used in the encryption algorithm.

Encryption 110

Encryption Military Archiving Government 110

Security Affairs

JANUARY 8, 2024

. “According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications. The ALPHV/Blackcat group was the second most prolific ransomware-as-a-service operation, it amassed hundreds of millions of dollars in ransom payments.

Communications 106

Communications Ransomware Data breaches Manufacturing 106

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Holden’s team gained visibility into discussions among members of two different ransom groups: CLOP (a.k.a. “ Cl0p ” a.k.a. Last month, the U.S.

Ransomware 250

Ransomware Metadata Insurance Encryption 250

Security Affairs

JUNE 28, 2023

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. The 8BASE group claims to be composed of honest pentesters. “We

Ransomware 86

Ransomware Encryption Manufacturing Business Services 86

Security Affairs

MARCH 18, 2019

Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. Admin Roles.

Encryption 70

Encryption Risk Financial Services Privacy 70

Security Affairs

DECEMBER 19, 2022

The Qilin ransomware-as-a-service (RaaS) group uses a double-extortion model, with most of the victims in the manufacturing and IT industries. The Rust variant has also been seen using intermittent encryption, one of the emerging tactics that threat actors use today for faster encryption and detection evasion.”

Ransomware 119

Ransomware Encryption Passwords Education 119

Security Affairs

OCTOBER 18, 2018

Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Experts from ESET speculate the BlackEnergy threat actor evolved into two separate APT groups, namely TeleBots and GreyEnergy. ” reads the report. ” states ESET.

Phishing 89

Phishing Encryption Passwords Security 89

The Last Watchdog

DECEMBER 14, 2023

Cryptographic inventories need finalizing and quantum safe encryption needs to be adopted for sensitive communications and data. Consumers will begin to see their favorite applications touting “quantum-secure encryption.” CISOs will have to get quantum resilient encryption on their cyber roadmap.

Cybersecurity 201

Cybersecurity Encryption Marketing Risk 201

Security Affairs

APRIL 3, 2019

The OceanLotus APT group, also known as APT32 or Cobalt Kitty , leverages a steganography-based loader to deliver backdoors on compromised systems. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group. Pierluigi Paganini.

Libraries 73

Libraries Encryption Communications Manufacturing 73

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. In one of the attacks attributed to the group, the gang stole 400 GB of data from the victim and threatened it to share them with the its competitors, the media outlets, and TV channels, if the ransom is not paid.

Ransomware 128

Ransomware Encryption Communications Security 128