2022, Information Security, IT and Manufacturing

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. ” reads the Elliptic’s report.

Ransomware

Ransomware Blockchain Retail Insurance

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. We also found 14 organisations providing a significant update on a previously disclosed incident. Organisation(s) Sector Location Data breached? TB Paysign, Inc. TB Paysign, Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023. LockBit remained the most active group through 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

In March 2022, the US Federal Bureau of Investigation (FBI) and CISA published a flash alert to warn that the Ragnar Locker ransomware gang breached the networks of at least 52 organizations across 10 critical infrastructure sectors. “As

Ransomware

Ransomware Financial Services Manufacturing Government

LockBit ransomware gang leaked data stolen from Boeing

Security Affairs

NOVEMBER 13, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022). At the end of October, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site.

Ransomware

Ransomware Authentication Manufacturing Sales

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

The US Federal Bureau of Investigation (FBI) and CISA published a flash alert to warn that the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations across 10 critical infrastructure sectors. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Passwords Financial Services Manufacturing

Qualcomm Snapdragon flaws impact Lenovo, Microsoft, Lenovo, and Samsung devices

Security Affairs

JANUARY 9, 2023

Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. The most severe flaw is an integer overflow to buffer overflow in Automotive tracked as CVE-2022-33219 (CVSS Score 9.3). CVE-2022-33265 (CVSS Score 7.3) – the flaw is an Information exposure in Powerline Communication Firmware.

Communications

Communications Manufacturing Security IT

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Source (New) Manufacturing Taiwan Yes 4,715,133 Mustafa Centre Source 1 ; source 2 (Update) Retail Singapore Yes >3,5000,000 TRAXERO Source (New) Software USA Yes 2,634,753 Piping Rock Health Products Source 1 ; source 2 ; source 3 (New) Manufacturing USA Yes 2,103,100 FBCS, Inc. iSharing is used by more than 35 million users.

Data Privacy

Data Privacy Privacy Manufacturing Security

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The threat actors behind the Hive RaaS have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. According to a report published by blockchain analytics company Chainalysis, the Hive operation is one of the top 10 ransomware strains by revenue in 2021.

Ransomware

Ransomware Blockchain Manufacturing Analytics

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. ” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. continues the NCA.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. The threat actors behind the Hive ransomware -as-a-service (RaaS) have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S.

Ransomware

Ransomware Blockchain Manufacturing Analytics

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

Security Affairs

OCTOBER 18, 2022

“As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. The police operation took place on October 10, 2022, arrested suspects are from across 22 locations in the three nations. .” reads the press release published by Europol.

Manufacturing

Manufacturing Marketing Security Information Security

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs

NOVEMBER 27, 2023

In the same period in 2022, 50 such incidents were recorded. As of March 2022, Russia had about 820 foreign-made civilian aircraft. The leader here was the Russian short-haul aircraft “dry superjet” – 34 emergency cases. In the first 9 months of 2023, 150 cases of aircraft malfunctions were recorded in Russia.

Military

Military Manufacturing Government Authentication

Witchetty APT used steganography in attacks against Middle East entities

Security Affairs

OCTOBER 1, 2022

The cyber espionage group Witchetty (aka LookingFrog) was first spotted by cybersecurity firm ESET in April 2022, the experts argue it is a sub-group of the China-linked TA410 group (aka APT10, Cicada, Stone Panda, and TA429)). ” reads the analysis published by Broadcom’s Symantec Threat Hunter researchers.

Manufacturing

Manufacturing Government Cybersecurity IT

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

The advisory updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released on April 19, 2022 and on December 19, 2023. Department of State announced a reward of up to $10 million for information leading to the identification or location of the key figures behind the ALPHV/Blackcat ransomware operation.

Ransomware

Ransomware Government Insurance Manufacturing

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. Is it fake news? Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Data breaches Ransomware Manufacturing

GoDaddy discloses a new data breach

Security Affairs

FEBRUARY 18, 2023

GoDaddy discloses a security breach, threat actors have stolen source code and installed malware on its servers in a long-runing attack. The security breach was discovered in December 2022 after customer reported that their sites were being used to redirect to random domains. ” reads a FORM- 10-K filed with SEC.

Data breaches

Data breaches Military Manufacturing Libraries

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. Like other ransomware operations, the RA Group also uses a double extortion model and runs a date leak site. “This actor is expanding its operations at a fast pace. We are in the final!

Ransomware

Ransomware Encryption Healthcare Insurance

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The campaign has been active since at least September 2022, most of the infections have been observed in Argentina (34,8%), followed by Australia (23,2%). “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.”

Government

Government Communications Ransomware Manufacturing

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The campaign has been active since at least September 2022, most of the infections have been observed in Argentina (34,8%), followed by Australia (23,2%). “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.”

Government

Government Communications Ransomware Manufacturing

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Security Affairs

NOVEMBER 18, 2022

Hive ransomware operators have extorted over $100 million in ransom payments from over 1,300 companies worldwide as of November 2022. The threat actors behind the Hive ransomware -as-a-service (RaaS) have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. key files.

Ransomware

Ransomware Blockchain Manufacturing Analytics

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Security Affairs

SEPTEMBER 9, 2023

Today we are posting the first batch of MYMC internal files, you can find among those a lot of personal information, internal emails, finances, medical cards and more of highly sensitive data. The cybercrime group claims to have stolen 1 TB of data from the hospital and threatens to leak it. Come on guys, seriously?

Ransomware

Ransomware Phishing Encryption Financial Services

Information Management Today

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Trending Sources

Ransomware attacks break records in 2023: the number of victims rose by 128%

Law enforcement operation seized Ragnar Locker group’s infrastructure

LockBit ransomware gang leaked data stolen from Boeing

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Qualcomm Snapdragon flaws impact Lenovo, Microsoft, Lenovo, and Samsung devices

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

French authorities arrested a Russian national for his role in the Hive ransomware operation

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Hive Ransomware Tor leak site apparently seized by law enforcement

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Witchetty APT used steganography in attacks against Middle East entities

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs newsletter Round 357 by Pierluigi Paganini

GoDaddy discloses a new data breach

New RA Group ransomware gang is the latest group using leaked Babuk source code

Raspberry Robin malware used in attacks against Telecom and Governments

Raspberry Robin malware used in attacks against Telecom and Governments

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Stay Connected