Encryption, Groups, Industry and Manufacturing - Information Management Today

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing

Manufacturing Ransomware Sales Encryption

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. In June, VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. and Brazil.

Ransomware

Ransomware Encryption Metadata Manufacturing

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. According to its own estimates, Safran Group ’s revenue for 2022 was above €19 billion.

Manufacturing

Manufacturing Access Risk IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. ” they wrote.

Ransomware

Ransomware Encryption Manufacturing Phishing

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Matter works much the way website authentication and website traffic encryption gets executed. This same approach really could be applied to other industries.

Security

Security Manufacturing Authentication Marketing

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

. “According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications. The ALPHV/Blackcat group was the second most prolific ransomware-as-a-service operation, it amassed hundreds of millions of dollars in ransom payments.

Communications

Communications Ransomware Data breaches Manufacturing

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

JUNE 28, 2023

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. The 8BASE group claims to be composed of honest pentesters. “We

Ransomware

Ransomware Encryption Manufacturing Business Services

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

The Qilin ransomware-as-a-service (RaaS) group uses a double-extortion model, with most of the victims in the manufacturing and IT industries. The Rust variant has also been seen using intermittent encryption, one of the emerging tactics that threat actors use today for faster encryption and detection evasion.”

Ransomware

Ransomware Encryption Passwords Education

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

The Last Watchdog

NOVEMBER 14, 2022

The technology industry hopes that Matter arises as the lingua franca for the Internet of Things. What they came up with is an open-source standard designed to ensure that smart home devices from different manufacturers can communicate simply and securely via an advanced type of mesh network. . Related: Why standards are so vital.

IoT

IoT Manufacturing Encryption Authentication

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

. “The Department of State is announcing reward offers totaling up to $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware group.”

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. This activity has occurred across multiple industry sectors. In addition to the encryption of data, victims have received threats that data stolen during the incidents will be published.” ransomware. . ransomware.

Ransomware

Ransomware Retail Security Manufacturing

BlackMatter ransomware gang hit Technology giant Olympus

Security Affairs

SEPTEMBER 13, 2021

A ransom note that was found on the infected systems claimed that the company was hit by the BlackMatter ransomware group. The BlackMatter group launched its operations at at the end of July, the gang claims to be the successor of Darkside and REvil groups.

Ransomware

Ransomware Computer and Electronics Manufacturing Encryption

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

The OceanLotus APT group, also known as APT32 or Cobalt Kitty , leverages a steganography-based loader to deliver backdoors on compromised systems. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group.

Libraries

Libraries Encryption Communications Manufacturing

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Manufacturing Phishing Encryption

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample.

Manufacturing

Manufacturing Education Encryption IT

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum. ” reads the report published by ESET.

Communications

Communications Manufacturing Encryption Security

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

Security

Security Data breaches Military Ransomware

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Digital technology and connected IoT devices have proliferated across industries and into our daily lives. Driven by the need to secure themselves against increasing threats, organizations (both manufacturers and IoT consumers) realize that they need better built-in security. Critical Success Factors to Widespread Deployment of IoT.

IoT

IoT Manufacturing Energy and Utilities Encryption

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Security Affairs

DECEMBER 2, 2022

Like other ransomware gangs, Cuba used ‘double extortion’ techniques which means that it exfiltrates data from the target systems before encrypting them and demanding a ransom payment, threatening to publicly release it if payment is not made. In May, MalwareHunterTeam found evidence that links Cuba and the Industrial Spy crew.

Ransomware

Ransomware Financial Services Manufacturing Phishing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. Communication to and from the EdgeRouters involved encryption using a randomly generated 16-character AES key.

Energy and Utilities

Energy and Utilities Military Government Phishing

Avaddon ransomware gang shuts down their operations and releases decryption keys

Security Affairs

JUNE 11, 2021

Good news for the victims of the Avaddon ransomware gang , the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. The group has also shut down its servers and deleted profiles on hacking forums, they also shut down their leak site. ” states Emsisoft. Pierluigi Paganini.

Ransomware

Ransomware Passwords Manufacturing Archiving

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. The biggest ransom demand detected by Group-IB team has been at $4 million worth of BTC. Egregor’s favorite sectors are Manufacturing (28.9%

Ransomware

Ransomware Retail Encryption Manufacturing

A new piece of Snake Ransomware targets ICS processes

Security Affairs

JANUARY 28, 2020

The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). Security experts from SentinelOne reported that the recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS).

Ransomware

Ransomware Energy and Utilities Manufacturing Encryption

Anatomy of a Quantum Attack

Thales Cloud Protection & Licensing

APRIL 27, 2022

A conventional computer would need 300 trillion years to break RSA encryption – considered the gold standard for Public Key Encryption (PKE). Research by the Organization of American States found cyberattacks against critical infrastructure and manufacturing are more likely to target industrial control systems than steal data.

Encryption

Encryption Cybersecurity Government Communications

Ransomware at IT Services Provider Synoptek

Krebs on Security

DECEMBER 27, 2019

-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries , including state and local governments, financial services, healthcare, manufacturing, media, retail and software.

Ransomware

Ransomware IT Phishing Financial Services

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. In addition, the group leveraged some custom tools for network reconnaissance. exe: Figure 3.

Ransomware

Ransomware Education Manufacturing Healthcare

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. The experts noticed that threat actors tracked as DEV-0950 used Clop ransomware to encrypt the network of organizations previously infected with the worm.

Ransomware

Ransomware Access Encryption Manufacturing

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

The Last Watchdog

DECEMBER 11, 2022

Not as noticeably, but perhaps even more crucially, big advances have been made in semiconductors, the chips that route electrical current in everything from our phones and laptops to automobile components and industrial plant controls. Both come into play across the breadth of IoT and, even more so, with respect to IoE. Energy at the edges.

Energy and Utilities

Energy and Utilities IoT Artificial Intelligence Cloud

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

FBI and DHS’s CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group. The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. 3 ],[ 4 ]” reads the joint alert.

Ransomware

Ransomware Phishing Encryption Risk

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

An industry leader in multiple U.S. The ransomware encrypted files and renamed their filenames by adding the “ easy2lock” extension, this extension was previously associated with recent WastedLocker ransomware infections. This group has been active since at least 2007, in December 2019, the U.S.

Ransomware

Ransomware Retail Manufacturing Encryption

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. A major focus of cybersecurity as an industry is its efforts to detect, root out, and respond to potential fraudsters attempting to trick companies and people out of their money, data, or both. According to data from the Federal Reserve , the 55-69 age group currently controls 41.2%

Energy and Utilities

Energy and Utilities Phishing Blockchain Cybersecurity

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

The experts gathered data related to the cyberthreats that were blocked on computers used to manage industrial control equipment and targeting software used in ICS engineering and integration industry, including human-machine interface (HMI), OPC gateway, engineering, control, and data acquisition software. In H2 2020, 39.3%

Phishing

Phishing Passwords Access Manufacturing

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

The Last Watchdog

APRIL 24, 2019

I had the chance at RSA 2019 to discuss that question with Catherine Allen, chairman and CEO of the Santa Fe Group, and Mike Jordan, senior director of Santa Fe’s Shared Assessments program. Addressing third-parties Allen founded The Santa Fe Group in 1995 and established it as a leading consultancy, specializing on emerging technologies.

Risk

Risk IoT Digital transformation Retail

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . ” The spam messages contain URLs to.ZIP files that serve VBS content designed to download the payload from one of six hardcoded encrypted URLs. . .

Passwords

Passwords Military Manufacturing Encryption

List of Data Breaches and Cyber Attacks in March 2023 – 41.9 Million Records Breached

IT Governance

APRIL 3, 2023

Reports suggest that the group is stealing the data rather than encrypting the organisations’ systems and holding them to ransom. The attacks have been attributed to the Clop ransomware gang, but coverage of their activity is not consistent with traditional ransomware attacks.

Data breaches

Data breaches Ransomware Phishing Government

NIST Tests Forensic Methods for Getting Data From Damaged Mobile Phones

Security Affairs

JANUARY 31, 2020

However, they can still be useful with encrypted phones because investigators often manage to get the passcode during their investigation. Manufacturers use those taps to test their circuit boards, but by soldering wires onto them, forensic investigators can extract data from the chips.

Manufacturing

Manufacturing Access Encryption IT

New Rules on CFIUS Mandatory Filings

Data Matters

SEPTEMBER 21, 2020

businesses that produce, design, test, manufacture, fabricate, or develop one or more critical technologies (“U.S. Filings Apply to Investments in All Industries: Currently, filings are mandatory for certain covered transactions involving U.S. critical technology businesses in any industry.

Encryption

Encryption Government Manufacturing Sales

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

also adds Supplemental and Environmental safety measurements and values relevant to operational technology (OT), industrial control systems (ICS), and Internet of Things (IoT) contexts. Exploiting these issues might result in unauthorized command execution, exposing NAS systems to data theft, encryption, or ransomware attacks.

Ransomware

Ransomware Authentication Cybersecurity Education

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

IT Governance

MARCH 1, 2023

filed notice of a security breach (726) Motto Mortgage comes under cyber attack (unknown) Highmark discloses security breach after employee falls victim to phishing (300,000) Stroke Scan reports security breach (50,000) Meriplex Communications announces security breach affecting Malaga Bank customers (unknown) DotHouse Health Inc.

Data breaches

Data breaches Ransomware e-Delivery Government

Taking down Gooligan: part 2 — inner workings

Elie

MARCH 17, 2018

This file is encrypted with a hardcoded [XOR encryption] function. This encryption is used to escape the signatures that detect the code that Gooligan borrows from previous malware. Encrypting malicious payload is a very old malware trick that has been used by. Android malware. since at least 2011.

Encryption

Encryption Libraries Ransomware Marketing

Taking down Gooligan: part 2 — inner workings

Elie

MARCH 17, 2018

This file is encrypted with a hardcoded [XOR encryption] function. This encryption is used to escape the signatures that detect the code that Gooligan borrows from previous malware. Encrypting malicious payload is a very old malware trick that has been used by. Android malware. since at least 2011.

Encryption

Encryption Libraries Ransomware Marketing

Supply Chain Security 101: An Expert’s View

Krebs on Security

OCTOBER 12, 2018

In the 70s and 80s, the government was more dominant in the technology industry and didn’t have this massive internationalization of the technology supply chain. based technology industry so that we had an indigenous place to work with, and where we have only cleared people and total control over the processes and parts.

Security

Security Computer and Electronics IoT Cloud

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

The experts exploited the vulnerability to reconstruct encryption keys and developed a decryptor that allows victims of the Rhysida ransomware to recover their encrypted data for free. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.

Ransomware

Ransomware Encryption Paper Manufacturing

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

8Base ransomware operators use a new variant of the Phobos ransomware

Webinars

Trending Sources

Key aerospace player Safran Group leaks sensitive data

Webinars

Researchers Quietly Cracked Zeppelin Ransomware Keys

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Experts warn of a spike in May and June of 8Base ransomware attacks

Experts spotted a variant of the Agenda Ransomware written in Rust

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

More details about Operation Cronos that disrupted Lockbit operation

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

BlackMatter ransomware gang hit Technology giant Olympus

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs newsletter Round 404 by Pierluigi Paganini

Critical Success Factors to Widespread Deployment of IoT

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Avaddon ransomware gang shuts down their operations and releases decryption keys

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

A new piece of Snake Ransomware targets ICS processes

Anatomy of a Quantum Attack

Ransomware at IT Services Provider Synoptek

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

US CISA and FBI publish joint alert on DarkSide ransomware

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

Which is the Threat landscape for the ICS sector in 2020?

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

Qbot uses a new email collector module in the latest campaign

List of Data Breaches and Cyber Attacks in March 2023 – 41.9 Million Records Breached

NIST Tests Forensic Methods for Getting Data From Damaged Mobile Phones

New Rules on CFIUS Mandatory Filings

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

Taking down Gooligan: part 2 — inner workings

Taking down Gooligan: part 2 — inner workings

Supply Chain Security 101: An Expert’s View

Researchers released a free decryption tool for the Rhysida Ransomware

Stay Connected