Georgia Wire Manufacturer Struck by Ransomware

Data Breach Today

Southwire Says It's Bringing Systems Back Online A large Atlanta-area manufacturer of wire and cable says it has brought some systems back online after what appears to be a ransomware infection.

Tesla, SpaceX Parts Manufacturer Suffers Data Breach

Dark Reading

Visser Precision has confirmed a security incident likely caused by the data-stealing DoppelPaymer ransomware

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. Ransomware rEvil Sodinokibi Synoptek

How a Manufacturing Firm Recovered from a Devastating Ransomware Attack

Dark Reading

The infamous Ryuk ransomware slammed a small company that makes heavy-duty vehicle alternators for government and emergency fleet. Here's what happened

Who’s Behind the GandCrab Ransomware?

Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims.

Ransomware Attack Costs Norsk Hydro $40 Million - So Far

Data Breach Today

Norwegian Aluminum Maker Still Fighting LockerGoga Ransomware Attack Norsk Hydro reports that a March 18 ransomware attack has already cost the aluminum manufacturer more than $40 million, and the company continues to bring its systems back online

LockerGoga Ransomware Suspected in Two More Attacks

Data Breach Today

Chemical Manufacturers Hexion and Momentive Still Recovering from Cyberattacks A pair of U.S.

EVRAZ operations in North America disrupted by Ryuk ransomware

Security Affairs

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. According to ZDnet, the systems at the company have been infected with a strain of the Ryuk ransomware.

Ransomware: A Persistent Scourge Requiring Corporate Action Now

Threatpost

ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk.

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend.

Maze Ransomware Victim Sues Anonymous Attackers

Data Breach Today

Southwire Also Obtains Irish Court Injunction, Forcing Blackmail Site Offline The Maze gang crypto-locked Georgia cable and wire manufacturer Southwire's systems and publicly dumped stolen data to try to force it to pay a ransom.

Ransomware Victim Southwire Sues Maze Operators

Dark Reading

Attackers demanded $6 million from the wire and cable manufacturer when they launched a December ransomware campaign

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Ransomware operators leverage a custom antivirus killing p ackage that is delivered to workstations to disable security solution before starting encryption.

A new piece of Snake Ransomware targets ICS processes

Security Affairs

The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). The Snake ransomware is written in the Golang programming language and has been used in targeted attacks against businesses worldwide.

A new NAS Ransomware targets QNAP Devices

Security Affairs

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. “We have named the ransomware QNAPCrypt , as this is the name the authors have appeared to label the malware.

Norsk Hydro Hit with ‘Severe’ LockerGoga Ransomware Attack

The Security Ledger

Global aluminum manufacturer Norsk Hydro was hit with an alleged ransomware attack Tuesday. The post Norsk Hydro Hit with ‘Severe’ LockerGoga Ransomware Attack appeared first on The Security Ledger. Business critical infrastructure Hacks & Hackers Internet of Things Malware ransomware Technologies Threats Top Stories cyber security cyberattacks Indegy industrial control system LockerGoGo manufacturing Norsk Hydro Rapid7

IoT 40

Ransomware paralyzed production for at least a week at ASCO factories

Security Affairs

Malware infections could be devastating for production environments, a ransomware infection halts production operations for days at airplane parts manufacturer ASCO. ASCO , is of the world’s largest manufacturers of aerospace components.

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Security Affairs

Since November, a new ransomware called JungleSec has been infecting servers through unsecured IPMI (Intelligent Platform Management Interface) cards. The ransomware was first observed early November. “In one case, the IPMI interface was using the default manufacturer passwords.

Maze Ransomware operators leak 14GB of files stolen from Southwire

Security Affairs

The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. In December, Maze ransomware operators have released 2GB of files that were allegedly stolen from the City of Pensacola during the recent attack.

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. population 12,046, paid $460,000, respectively, for ransomware decryption keys.

Podcast: The High-Risk Threats Behind the Norsk Hydro Cyberattack

Threatpost

Threatpost talks to Phil Neray with CyberX about Tuesday's ransomware attack on aluminum producer Norsk Hydro, and how it compares to past manufacturing attacks like Triton, WannaCry and more. Critical Infrastructure Hacks Malware Podcasts cyberattack manufacturing cyberattack norsk hydro operational technology ransomware Triton WannaCry

Risk 81

Visser Precision, a part maker for Tesla, Boeing, and Lockheed Martin hit with data-stealing ransomware

Security Affairs

Data-stealing ransomware infected systems at Visser Precision, a parts maker for many enterprises, including Tesla, Boeing, and Lockheed Martin. Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing.

TSMC Chip Maker confirms its facilities were infected with WannaCry ransomware

Security Affairs

TSMC shared further details on the attack and confirmed that its systems were infected with a variant of the infamous WannaCry ransomware. Early in August, a malware has infected systems at several Taiwan Semiconductor Manufacturing Co.

Special-Purpose Vehicle Maker Aebi Schmidt Hit by Malware

Security Affairs

The Aebi Schmidt Group is a manufacturer of product systems and services for the management, cleaning and clearance of traffic areas as well as for the maintenance of green areas in demanding terrain. “Aebi Schmidt, a European manufacturing giant with operations in the U.S.,

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. The infection took place on December 23, the hackers first compromised the company network then installed the ransomware.

Aluminum producer Norsk Hydro hit by a massive cyber attack

Security Affairs

The company defined the situation “quite severe,” its systems were infected with ransomware and the experts are still working to contain the threat. Breaking News Hacking Malware Security Pierluigi Paganini ransomware Security Affairs

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Krebs on Security

media revealed him as the “accidental hero” who inadvertently halted the global spread of WannaCry , a ransomware contagion that had taken the world by storm just days before.

Security Affairs newsletter Round 250

Security Affairs

Ransomware brought down services of popular TV search engine TVEyes. The city of Racine was offline following a ransomware attack. Toll Group shuts down some online systems after ransomware attack. IoT devices at major Manufacturers infected with crypto-miner.

Top cybersecurity Predictions for 2020

Security Affairs

1) Targeted ransomware attacks on the rise. In 2020, we will witness an increase in targeted ransomware attacks. Threat actors behind ransomware campaigns will switch tactics, leveraging access to organizations available for sale in the cybercrime underground.

Security Affairs newsletter Round 236

Security Affairs

Alabama Hospital chain paid ransom to resume operations after ransomware attack. Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack. Winnti Group was planning a devastating supply-chain attack against Asian manufacturer.

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Security Affairs

Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South Korea (60%).

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

A new threat actor, tracked as TA2101, is using email to impersonate government agencies in the United States, Germany, and Italy to multiple families of malware, deliver ransomware, and banking Trojans.

Moody’s to Include Cyber Risk in Credit Ratings

Adam Levin

An organization, for instance, that is involved in manufacturing has a much higher exposure to ransomware than another sector,” Vadala said. The American business and financial services company Moody’s will start factoring risk of getting hacked into their credit ratings for companies. The move is seen as part of a wider initiative to gauge the risk of cyberattacks and data breaches to companies and their investors. “We’ve

Risk 84

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors.

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component.

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

Yesterday I wrote an article to announce the availability of a decryptor for the CryptoPokemon ransomware that was developed by EMSISOFT. The hacker also provided evidence to the journalists to have hacked other websites, including a subdomain belonging to manufacturing company Foxconn.

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

This attacker easily located IoT devices that used the manufacturers’ default security setting. They are also extending their malicious activities beyond DDoS attacks to also spread ransomware, crypto mine and burrow deep into large enterprises. A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts.

IoT 209

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

IT Governance

Cyber attack and ransomware. Mumbai: Ransomware hits Dadar CA’s office, demands payment in bitcoins for decryption. Blue Springs Family Care notifies 44,979 patients after ransomware attack. Long Beach Port terminal hit by ransomware attack.

Security Affairs newsletter Round 183 – News of the week

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. 20% discount. Kindle Edition. Paper Copy.

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. .