Manufacturing, Ransomware and Tools - Information Management Today

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Investigators used the existing design on LockBit’s victim shaming website to feature press releases and free decryption tools.

Ransomware

Ransomware Encryption Insurance Manufacturing

How 'Mespinoza' Ransomware Group Hits Targets

Data Breach Today

JULY 16, 2021

Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.

Ransomware

Ransomware Manufacturing

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code.

Ransomware

Ransomware Encryption Manufacturing Phishing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. Winter was the least active time (14.6%

Ransomware

Ransomware Manufacturing Retail Insurance

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Security Affairs

MARCH 23, 2021

This week, IoT company Sierra Wireless disclosed a ransomware attack that hit its internal IT systems on March 20 and disrupted its production. Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. ” . . Pierluigi Paganini.

Manufacturing

Manufacturing Ransomware IT IoT

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Passwords

Manufacturing Sees Rising Ransomware Threat

Dark Reading

NOVEMBER 12, 2020

Crypto-ransomware groups are increasingly adopting malware and tools that can probe and attack operational technology, such as industrial control systems, according to an assessment of current threats.

Manufacturing

Manufacturing Ransomware

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The advisory updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released on April 19, 2022 and on December 19, 2023.

Ransomware

Ransomware Government Insurance Manufacturing

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Extension: blacksuit.

Ransomware

Ransomware Encryption File names Cybersecurity

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. ” reads the Reuters.

Ransomware

Ransomware Government Insurance Manufacturing

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. ” reads the report.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Holy Ghost ransomware operation is linked to North Korea

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware

Ransomware Encryption Government Manufacturing

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital. .

Ransomware

Ransomware IT Access Manufacturing

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. organizations since 2020.

Ransomware

Ransomware Cybersecurity Agriculture Education

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats

Thales Cloud Protection & Licensing

OCTOBER 19, 2022

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats. Long gone is the time when manufacturing systems and operations were siloed from the Internet and, therefore, were not a cybersecurity target. Thu, 10/20/2022 - 06:20. Survey’s key findings.

Manufacturing

Manufacturing Encryption Cloud IoT

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. ” reads the alert.

Ransomware

Ransomware Encryption Cybersecurity Communications

Ransomware at IT Services Provider Synoptek

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec. A now-deleted Tweet from Synoptek on Dec.

Ransomware

Ransomware IT Phishing Financial Services

Best Ransomware Removal and Recovery Services

eSecurity Planet

OCTOBER 5, 2021

Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its critical data. Zero trust is an important new tool to add to all that, essentially walling off your most important data. Ransomware removal tools.

Ransomware

Ransomware Encryption Cybersecurity Insurance

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware

Ransomware Encryption Communications Manufacturing

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The City of Dallas, Texas, was hit by a ransomware attack that forced it to shut down some of its IT systems. The IT systems at the City of Dallas, Texas, have been targeted by a ransomware attack. However, CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. Source J.D.

Ransomware

Ransomware IT Encryption Education

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. “The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. . ” reads the alert published by ACSC.

Ransomware

Ransomware Manufacturing Phishing Encryption

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital. .

Ransomware

Ransomware IT Access Manufacturing

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. cybersecurity and intelligence authorities.

Ransomware

Ransomware Blockchain Manufacturing Analytics

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

DoJ charged a Russian national with conspiring to carry out LockBit ransomware attacks against U.S. The Justice Department announced charges against the Russian national Ruslan Magomedovich Astamirov (20) for his role in numerous LockBit ransomware attacks against systems in the United States, Asia, Europe, and Africa.

Ransomware

Ransomware Agriculture Education Government

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” continues the alert.

Ransomware

Ransomware Encryption File names Passwords

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

An international law enforcement operation codenamed ‘Operation Cronos’ led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, conducted by law enforcement agencies from 11 countries has disrupted the LockBit ransomware operation. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius ) have demanded over 145 million U.S. “Since spring 2022, Cuba ransomware actors have expanded their TTPs.

Ransomware

Ransomware Financial Services Manufacturing Phishing

Avaddon ransomware gang shuts down their operations and releases decryption keys

Security Affairs

JUNE 11, 2021

The Avaddon ransomware gang has shut down its operations and released the decryption keys to allow victims to recover their files for free. Good news for the victims of the Avaddon ransomware gang , the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. Do not pay.

Ransomware

Ransomware Passwords Manufacturing Archiving

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). ” reads the post published by Microsoft.

Military

Military Manufacturing Access Security

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

The Cuba Ransomware gang has partnered with the crooks behind the Hancitor malware in attacks aimed at corporate networks. Group-IB Threat Intelligence & Attribution team found that Hancitor is being actively used by the threat actors to deploy Cuba ransomware. Cuba ransomware has been active since at least January 2020.

Ransomware

Ransomware Education Manufacturing Healthcare

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. According to the press release published by the Department of State , the Lockbit ransomware operators carried out over 2,000 attacks against victims worldwide since January 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

Security Affairs

FEBRUARY 16, 2024

government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. Department of State is offering a reward of up to $10 million for information leading to the identification or location of the key figures behind the ALPHV/Blackcat ransomware operation.

Ransomware

Ransomware Government Manufacturing Access

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware

Ransomware Encryption Passwords Manufacturing

Hades ransomware gang targets big organizations in the US

Security Affairs

MARCH 26, 2021

Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization. Researchers from Crowdstrike speculate that the new variant is a successor to WastedLocker ransomware and linked the operations to Evil Corp operations.

Ransomware

Ransomware Encryption File names Manufacturing

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks. The ransomware can be deployed as a

Ransomware

Ransomware Encryption Communications Manufacturing

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

Law enforcement provided additional details about the international Operation Cronos that led to the disruption of the Lockbit ransomware operation. Yesterday, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

US Treasury warns of ransomware attacks on COVID-19 vaccine research

Security Affairs

DECEMBER 29, 2020

The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warns of ransomware attacks on COVID-19 vaccine research organizations. FinCEN urges financial institutions to remain vigilant on ransomware attacks targeting COVID-19 vaccine delivery operations as well as the supply chains the development of the vaccines.

Ransomware

Ransomware Sales Manufacturing Phishing

A new piece of Snake Ransomware targets ICS processes

Security Affairs

JANUARY 28, 2020

The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). Security experts from SentinelOne reported that the recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS).

Ransomware

Ransomware Energy and Utilities Manufacturing Encryption

At least 31 US Businesses targeted with WastedLocker Ransomware

Security Affairs

JUNE 29, 2020

Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. SecurityAffairs – hacking, WastedLocker ransomware).

Ransomware

Ransomware Manufacturing Access Security

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline. FBI and DHS’s CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group. The group provides Ransomware-as-a-Service (RaaS) to a network of affiliates.

Ransomware

Ransomware Phishing Encryption Risk

Ransomware Group Ragnar Locker Threatens Data Leaks if Law Enforcement Contacted

eSecurity Planet

SEPTEMBER 8, 2021

The cybercriminal gang behind the Ragnar Locker ransomware attacks is threatening victims that it will go public with data captured in an attack if they contact law enforcement agencies or hire negotiators. The warning was first reported by Bleeping Computer. To Pay or Not to Pay?

Ransomware

Ransomware Manufacturing Risk Encryption

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

The QakBot banking trojan has dropped the ProLock ransomware, they are now opting for the Egregor ransomware in their operations. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. Inside Egregor.

Ransomware

Ransomware Retail Encryption Manufacturing

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Security

Security Manufacturing Passwords Ransomware

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Security Affairs

DECEMBER 21, 2022

CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Original post @ [link]. It’s no use carrying an umbrella if your shoes are leaking, an old Irish proverb says.

Retail

Retail Manufacturing Sales Phishing

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

How 'Mespinoza' Ransomware Group Hits Targets

Webinars

Trending Sources

Researchers Quietly Cracked Zeppelin Ransomware Keys

Webinars

Ransomware attacks break records in 2023: the number of victims rose by 128%

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

FBI and CISA warn of attacks by Rhysida ransomware gang

Manufacturing Sees Rising Ransomware Threat

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

New Linux Ransomware BlackSuit is similar to Royal ransomware

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Holy Ghost ransomware operation is linked to North Korea

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Cybersecurity agencies published a joint LockBit ransomware advisory

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats

The U.S. CISA and FBI warn of Royal ransomware operation

Ransomware at IT Services Provider Synoptek

Best Ransomware Removal and Recovery Services

Cuba ransomware gang hacked 49 US critical infrastructure organizations

City of Dallas shut down IT services after ransomware attack

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Hive Ransomware Tor leak site apparently seized by law enforcement

A Russian national charged for committing LockBit Ransomware attacks

FBI published a flash alert on Mamba Ransomware attacks

Operation Cronos: law enforcement disrupted the LockBit operation

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Avaddon ransomware gang shuts down their operations and releases decryption keys

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Hades ransomware gang targets big organizations in the US

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

More details about Operation Cronos that disrupted Lockbit operation

US Treasury warns of ransomware attacks on COVID-19 vaccine research

A new piece of Snake Ransomware targets ICS processes

At least 31 US Businesses targeted with WastedLocker Ransomware

US CISA and FBI publish joint alert on DarkSide ransomware

Ransomware Group Ragnar Locker Threatens Data Leaks if Law Enforcement Contacted

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs newsletter Round 377

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Stay Connected