Government, Groups, Manufacturing and Security - Information Management Today

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government

Government Manufacturing Education Access

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group.

Ransomware

Ransomware Blockchain Manufacturing Analytics

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military

Military Manufacturing Ransomware Mining

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually.

Ransomware

Ransomware Security Agriculture Cybersecurity

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. According to its own estimates, Safran Group ’s revenue for 2022 was above €19 billion.

Manufacturing

Manufacturing Access Risk IT

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing.

Manufacturing

Manufacturing Phishing Government Security

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis. Now the Facebook security team has revealed the real identity of APT32 , linking the group to an IT company in Vietnam named CyberOne Group. .

Agriculture

Agriculture IT Retail Manufacturing

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Patch your TeamCity instance to avoid server hack Is Gelsemium APT behind a targeted attack in Southeast Asian Government? A new round of the weekly SecurityAffairs newsletter arrived!

Artificial Intelligence

Artificial Intelligence Security Ransomware Data breaches

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Communications Ransomware Manufacturing

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t. Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. . Victims of the group are located in North America, Europe, and Southeast Asia. . ” concludes the report.

Healthcare

Healthcare Phishing Manufacturing Government

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007.

File names

File names Encryption Manufacturing Libraries

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Security Affairs

JUNE 26, 2023

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon , using a novel tradecraft to gain initial access to target networks.

Cleanup

Cleanup Libraries Access Manufacturing

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy

Data Privacy Manufacturing Privacy Security

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. This prompted several XSS members to start posting memes taunting the group about the security failure.

Ransomware

Ransomware Encryption Insurance Manufacturing

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” continues the DoJ.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally.

Ransomware

Ransomware Security Manufacturing Cybersecurity

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. The group has allegedly exfiltrated more than 10 million files. Data breached: 41,500,000 records.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

Ransomware

Ransomware Manufacturing Education Passwords

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

To Make the Internet of Things Safe, Start with Manufacturing

Thales Cloud Protection & Licensing

SEPTEMBER 11, 2018

In this blog, and in and accompanying interview with our colleague Daniel Hjort from Nexus Group, we discuss the challenges that industry faces to ensure safe deployment and management of IoT technologies. According to Maciej Kranz, Cisco VP for strategic innovation, writing for IoTechExpo.com , “[In 2018] IoT security will become the No.

Manufacturing

Manufacturing IoT Authentication Paper

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 357 by Pierluigi Paganini appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Data breaches Ransomware Manufacturing

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Journalists, Government Officials Targeted.

Security

Security Government Privacy Ransomware

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

Security Affairs

FEBRUARY 16, 2024

government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. This additional reward aims to target affiliated and initial access brokers involved and that facilitated the attacks of the group. critical infrastructure.”

Ransomware

Ransomware Government Manufacturing Access

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

. “This trend is believed to be a response to the encouragement from ALPHV Blackcat administrators, who urged affiliates to focus their efforts on hospitals following operational actions against the group and its infrastructure in early December 2023.” reads the press release. “To

Ransomware

Ransomware Government Insurance Manufacturing

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. Pierluigi Paganini.

Healthcare

Healthcare Education Manufacturing Government

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. ” reads the SEC filing.

Ransomware

Ransomware Government Insurance Manufacturing

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Communications Ransomware Manufacturing

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. The Ragnar Locker group focuses on extortion, in some cases it did not deploy ransomware, instead it only stole the victim’s data threatening to leak it.

Ransomware

Ransomware Financial Services Manufacturing Government

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. At least three major industry groups are working to counter the latest cyber threats and scams.

Cybersecurity

Cybersecurity Phishing Government Ransomware

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

At least 191 Australian organisations affected by ZircoDATA ransomware attack The ransomware group BlackBasta listed Australia-based ZircoDATA as a victim in February, allegedly exfiltrating 395 GB of data. Source (New) IT services USA Yes 1,382 Worthen Industries Source 1 ; source 2 (Update) Manufacturing USA Yes 1,277 R.J.

Data breaches

Data breaches Education Manufacturing Retail

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. in Australia since 2020.

Ransomware

Ransomware Retail Security Manufacturing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Security Affairs

APRIL 23, 2020

The Vietnam-linked cyberespionage group tracked as APT32 carried out hacking campaigns against Chinese entities to collect intelligence on the COVID-19 crisis. Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis.

Phishing

Phishing Government Manufacturing Cybersecurity

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Passwords Financial Services Manufacturing

Security Affairs newsletter Round 303

Security Affairs

FEBRUARY 28, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 303 appeared first on Security Affairs. Pierluigi Paganini.

Security

Security Blockchain Manufacturing Analytics

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Unsought invoice.

Ransomware

Ransomware Phishing Encryption Authentication

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

US offers $10 million reward for info on Hive ransomware group leaders

Webinars

Trending Sources

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Webinars

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Key aerospace player Safran Group leaks sensitive data

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Raspberry Robin malware used in attacks against Telecom and Governments

Balikbayan Foxes group spoofs Philippine gov to spread RATs

China-linked APT41 group targets Hong Kong with Spyder Loader

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

US indicted 4 Russian government employees for attacks on critical infrastructure

MSI confirms security breach after Money Message ransomware attack

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

FBI and CISA warn of attacks by Rhysida ransomware gang

Iran-linked APT group Pioneer Kitten sells access to hacked networks

To Make the Internet of Things Safe, Start with Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs newsletter Round 357 by Pierluigi Paganini

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

Cyber-Criminal espionage Operation insists on Italian Manufacturing

US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Raspberry Robin malware used in attacks against Telecom and Governments

Law enforcement operation seized Ragnar Locker group’s infrastructure

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs newsletter Round 303

Group-IB detects a series of ransomware attacks by OldGremlin

Stay Connected