Security Affairs

FEBRUARY 28, 2024

. “This trend is believed to be a response to the encouragement from ALPHV Blackcat administrators, who urged affiliates to focus their efforts on hospitals following operational actions against the group and its infrastructure in early December 2023.” reads the press release. “FBI reads the press release. “To

Ransomware 104

Ransomware Government Insurance Manufacturing 104

Security Affairs

MARCH 16, 2021

Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). ” reads the post published by Microsoft.

Military 95

Military Manufacturing Access Security 95

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity 147

Cybersecurity Manufacturing Military Artificial Intelligence 147

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 88

Access Financial Services Retail Insurance 88

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 108

Energy and Utilities Communications Military Manufacturing 108

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government 52

Government Communications Ransomware Manufacturing 52

Security Affairs

APRIL 19, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 96

Energy and Utilities Communications Military Manufacturing 96

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing 131

Manufacturing e-Delivery IT Security 131

Security Affairs

OCTOBER 13, 2022

The Budworm espionage group resurfaced targeting a U.S.-based This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based The group also targeted a hospital in South East Asia. The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S.

File names 128

File names Financial Services Manufacturing Libraries 128

Security Affairs

AUGUST 25, 2023

China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. The group relies on tools built into the operating system, along with some legitimate software. The group primarily relies on living-off-the-land techniques and hands-on-keyboard activity.

Manufacturing 83

Manufacturing Education Access Government 83

Security Affairs

MARCH 25, 2020

The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. ” reads the advisory published by FireEye.

Healthcare 120

Healthcare Education Manufacturing Government 120

Security Affairs

FEBRUARY 27, 2024

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. ” reads the Reuters.

Ransomware 89

Ransomware Government Insurance Manufacturing 89

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities 95

Energy and Utilities Military Government Phishing 95

Security Affairs

FEBRUARY 19, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities 104

Energy and Utilities Ransomware Agriculture Financial Services 104

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Energy and Utilities 88

Energy and Utilities Ransomware Agriculture Manufacturing 88

Security Affairs

JULY 15, 2022

The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies. ” concludes Microsoft.

Ransomware 130

Ransomware Encryption Government Manufacturing 130

Security Affairs

DECEMBER 13, 2023

The group managed to maintain access without being detected for as long as possible. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Communications 110

Communications Manufacturing Education Government 110

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Unsought invoice.

Ransomware 100

Ransomware Phishing Encryption Authentication 100

Security Affairs

DECEMBER 12, 2023

North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs).

Agriculture 100

Agriculture Data collection Access Manufacturing 100

Security Affairs

FEBRUARY 20, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Energy and Utilities 98

Energy and Utilities Ransomware Manufacturing Agriculture 98

Security Affairs

JUNE 1, 2021

Prometheus is a new emerging ransomware group extorting enterprises in various verticals across the globe. On their updated logo, the group illustrated ties to another notorious underground ransomware group – REvil. Some actors design various landing pages in TOR to blur attribution acting as new groups.

Sales 81

Sales Ransomware Government GDPR 81

Security Affairs

JUNE 15, 2023

The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. organizations since 2020.

Ransomware 89

Ransomware Cybersecurity Agriculture Education 89

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware 103

Ransomware Encryption Systems administration Cybersecurity 103

Security Affairs

OCTOBER 1, 2022

A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The group used the backdoor in attacks against Middle Eastern governments. ” the researchers concluded.

Manufacturing 110

Manufacturing Government Cybersecurity IT 110

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP. Periscope , TEMP. ” reads the analysis published by FireEye. ” continues the analysis.

Phishing 81

Phishing Passwords Manufacturing Government 81

Collibra

APRIL 20, 2023

Earth Day organizer, Earthday.org , says, “The theme is focused on engaging governments, institutions, businesses, and the more than 1 billion citizens who participate annually in Earth Day to do their part — everyone accounted for, everyone accountable.” Better yet, form a group to hold each other accountable to make those calls!

Government 87

Government Agriculture Manufacturing Analytics 87

IT Governance

FEBRUARY 14, 2024

TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB KSA Architecture Source New Construction and real estate USA Yes 1.5

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security.

Government 73

Government Energy and Utilities Healthcare Access 73

Security Affairs

MARCH 2, 2022

In the last few hours, in addition to government sites, the sites of the country’s main banks have been brought to their knees. The group also hacked the Russian tool manufacturer NPKTAIR, which works with designing TVs and broadcasting radios in Russia, and flyrf[.]ru, OJSC Ak Bars Holding, has now been breached.

IT 97

IT Manufacturing Mining Government 97

Security Affairs

MAY 11, 2021

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare.

Ransomware 125

Ransomware Manufacturing Phishing Encryption 125

Security Affairs

JULY 23, 2019

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum. ” reads the report published by ESET.

Communications 87

Communications Manufacturing Encryption Security 87

IT Governance

FEBRUARY 21, 2024

Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Security Affairs

MAY 25, 2023

A China-linked APT group, tracked as Volt Typhoon, breached critical infrastructure organizations in the U.S. China-linked APT cyber espionage group Volt Typhoon infiltrated critical infrastructure organizations in the U.S. The group managed to maintain access without being detected for as long as possible.

Communications 77

Communications Manufacturing Access Archiving 77

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world. Espionage as one of the main APT groups’ goals.

Phishing 84

Phishing Manufacturing Marketing Blockchain 84

Security Affairs

DECEMBER 7, 2019

Alleged Vietnamese Ocean Lotus (APT32) hackers breached the networks of the car manufacturers BMW and Hyundai to steal automotive trade secrets. According to German media, hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Manufacturing 88

Manufacturing Government Security IT 88

Security Affairs

APRIL 3, 2019

The OceanLotus APT group, also known as APT32 or Cobalt Kitty , leverages a steganography-based loader to deliver backdoors on compromised systems. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group. Pierluigi Paganini.

Libraries 75

Libraries Encryption Communications Manufacturing 75

Security Affairs

NOVEMBER 18, 2020

Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. . The APT10 is well-resourced cyberespionage group that employed multiple tools and sophisticated techniques in its attacks.

Healthcare 100

Healthcare Archiving Cloud Manufacturing 100