Dark Reading

NOVEMBER 12, 2020

Crypto-ransomware groups are increasingly adopting malware and tools that can probe and attack operational technology, such as industrial control systems, according to an assessment of current threats.

Manufacturing 131

Manufacturing Ransomware 131

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

Ransomware 121

Ransomware Manufacturing Education Passwords 121

Security Affairs

NOVEMBER 4, 2021

CISA urges vendors to address BrakTooth flaws after researchers have released public exploit code and a proof of concept tool for them. US CISA is urging vendors to address BrakTooth flaws after security researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against potential Bluetooth exploits.

Manufacturing 105

Manufacturing Security IT Information Security 105

Security Affairs

MARCH 16, 2021

Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). ” reads the post published by Microsoft.

Military 105

Military Manufacturing Access Security 105

Security Affairs

FEBRUARY 3, 2022

A China-linked APT group tracked as Antlion used a custom backdoor called xPack that was undetected for months. A China-linked APT group tracked as Antlion is using a custom backdoor called xPack in attacks aimed at financial organizations and manufacturing companies, Symantec researchers reported. ” continues Symantec.

Manufacturing 96

Manufacturing Data collection Encryption Passwords 96

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity 147

Cybersecurity Manufacturing Military Artificial Intelligence 147

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing 137

Manufacturing e-Delivery IT Security 137

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government 113

Government Manufacturing Education Access 113

Security Affairs

APRIL 18, 2024

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. carmaker with spear-phishing attacks.

Phishing 113

Phishing Manufacturing Libraries IT 113

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 99

Access Financial Services Retail Insurance 99

Security Affairs

MARCH 25, 2020

The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. ” reads the advisory published by FireEye.

Healthcare 129

Healthcare Education Manufacturing Government 129

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 118

Energy and Utilities Communications Military Manufacturing 118

eSecurity Planet

SEPTEMBER 8, 2021

The Ragnar Locker group posted on its darknet leak site a note outlining the warning, putting even more pressure on target companies (which the group calls “clients”) and increasing attention on the already high-profile debate about organizations paying ransoms. To Pay or Not to Pay? Colonial Pipeline paid its DarkSide attackers $4.4

Ransomware 109

Ransomware Manufacturing Risk Encryption 109

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Email remains far and away the most widely used business communication tool, and thus a primary target. We’re also moving on smart commercial buildings.

Security 276

Security Manufacturing Authentication Marketing 276

Security Affairs

FEBRUARY 16, 2024

This additional reward aims to target affiliated and initial access brokers involved and that facilitated the attacks of the group. The ransom demands of the group range from a few tens of thousands of dollars up to tens of millions of dollars. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware 121

Ransomware Government Manufacturing Access 121

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code.

Ransomware 310

Ransomware Encryption Manufacturing Phishing 310

Security Affairs

OCTOBER 4, 2018

Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple did not disable Intel Manufacturing Mode in its laptops. Last year the same group of experts at Positive Technologies discovered an undocumented configuration setting that disabled the Intel Management Engine. ” concludes the experts.

Manufacturing 90

Manufacturing IT Access Sales 90

Security Affairs

OCTOBER 13, 2022

The Budworm espionage group resurfaced targeting a U.S.-based This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based The group also targeted a hospital in South East Asia. The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S.

File names 136

File names Financial Services Manufacturing Libraries 136

Security Affairs

FEBRUARY 28, 2024

. “This trend is believed to be a response to the encouragement from ALPHV Blackcat administrators, who urged affiliates to focus their efforts on hospitals following operational actions against the group and its infrastructure in early December 2023.” reads the press release. “FBI reads the press release. “To

Ransomware 114

Ransomware Government Insurance Manufacturing 114

Security Affairs

AUGUST 25, 2023

China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. The group relies on tools built into the operating system, along with some legitimate software. The group primarily relies on living-off-the-land techniques and hands-on-keyboard activity.

Manufacturing 91

Manufacturing Education Access Government 91

Synergis Software

JANUARY 9, 2019

Automobile manufacturer Audi is using its A4 Limousine, a low-production model, as a proving ground for process innovation research. One large steel frame section of the A4 has always been difficult to manufacture, so the research team decided to try 3D printing. His company currently has three basic uses for 3D printing.

Manufacturing 58

Manufacturing IT 58

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Unsought invoice.

Ransomware 108

Ransomware Phishing Encryption Authentication 108

Security Affairs

FEBRUARY 20, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Energy and Utilities 109

Energy and Utilities Ransomware Manufacturing Agriculture 109

Security Affairs

APRIL 19, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 107

Energy and Utilities Communications Military Manufacturing 107

Security Affairs

FEBRUARY 19, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities 114

Energy and Utilities Ransomware Agriculture Financial Services 114

Security Affairs

FEBRUARY 21, 2024

. “The Department of State is announcing reward offers totaling up to $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware group.”

Energy and Utilities 97

Energy and Utilities Ransomware Agriculture Manufacturing 97

Security Affairs

DECEMBER 12, 2023

North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs).

Agriculture 110

Agriculture Data collection Access Manufacturing 110

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware 113

Ransomware Encryption Systems administration Cybersecurity 113

Security Affairs

DECEMBER 14, 2023

Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. Experts warn that the Russia-linked APT29 group has been observed targeting JetBrains TeamCity servers to gain initial access to the targets’ networks. The group used WMIC to facilitate lateral movement.

Authentication 107

Authentication Military Access Manufacturing 107

Security Affairs

FEBRUARY 27, 2024

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. ” reads the Reuters.

Ransomware 99

Ransomware Government Insurance Manufacturing 99

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP. Periscope , TEMP. ” reads the analysis published by FireEye. ” continues the analysis.

Phishing 86

Phishing Passwords Manufacturing Government 86

IT Governance

FEBRUARY 14, 2024

TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB KSA Architecture Source New Construction and real estate USA Yes 1.5

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

Security Affairs

DECEMBER 13, 2023

The group managed to maintain access without being detected for as long as possible. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Communications 119

Communications Manufacturing Education Government 119

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Every 30 seconds, ActionSpy will collect basic device information, including IMEI, phone number, manufacturer, battery status, and send it to the C&C server. Pierluigi Paganini.

Phishing 69

Phishing Encryption Manufacturing Access 69

Security Affairs

JULY 23, 2019

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum. ” reads the report published by ESET.

Communications 93

Communications Manufacturing Encryption Security 93

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world. Espionage as one of the main APT groups’ goals.

Phishing 88

Phishing Manufacturing Marketing Blockchain 88

IT Governance

FEBRUARY 21, 2024

Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52