Maze ransomware operators stole data from US military contractor Westech

Security Affairs

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent. Then the attackers started leaking the files online to force the victim into paying the ransomware. SecurityAffairs – Maze Ransomware, hacking).

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

Threatpost

Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military. Government Hacks Malware cyberattack data leak employee information icbm intercontinental ballistic missile maze ransomware military contractor military secrets minuteman iii northrup grubman nuclear arsenal westech international

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Malware Linked to Ryuk Targets Financial & Military Data

Dark Reading

A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. Security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to the military, government, financial statements, and banking.

Maze Ransomware operators hacked the Xerox Corporation

Security Affairs

Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten of releasing them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but the Maze ransomware operators published some screenshots that show that a Xerox domain has been encrypted. SecurityAffairs – hacking, Maze Ransomware operators).

Maze Ransomware operators published data from LG and Xerox

Security Affairs

Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Maze ransomware operators published 50.2 As usual, the Maze ransomware operators threaten the victims to pay the ransom to avoid their data being leaked online.

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. Security experts from ESET uncovered a new sophisticated cyber-espionage campaign, dubbed “ Operation In(ter)recepti on ,” aimed at aerospace and military organizations in Europe and the Middle East.

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files. Although the DIR has released few details about the ransomware campaign, they did confirm that it originated from a single “threat actor.”

Did Maze ransomware operators steal 10 GB of data from Canon?

Security Affairs

An internal memo confirms that the prolonged outage suffered by Canon last week was caused by a ransomware infection, Maze operators took credit for it. Maze ransomware operators recently published internal data from LG and Xerox after the company did not pay the ransom.

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

Security Affairs

Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the last victim of the Maze ransomware operators. MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to leak it in case the victim will not pay the ransom.

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

Maze ransomware operators claims to have breached the South Korean multinational electronics company LG Electronics. Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators. “As part of our regular darkweb monitoring, our researchers came across the data leak of LG Electronics been published by the Maze ransomware operators. Previous victims of the ransomware gang include IT services firms Cognizant and Conduent.

Military documents about MQ-9 Reaper drone leaked on dark web

The Security Ledger

Hackers have put up for sale on the dark web sensitive military documents, some associated with the U.S. military’s MQ-9 Reaper drone aircraft, one of its most lethal and technologically advanced drones, security research firm Recorded Future recently discovered. » Related Stories Fitness apps: Good for your health, not so much for military security Evasive new botnet can take over enterprise devices to steal data, spread ransomware U.S.

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack. is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. “Magellan was recently the victim of a criminal ransomware attack.

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May. system-on-chip maker MaxLinear is the last victim of the Maze ransomware operators, the company revealed that the systems were infected last month, but the threat actors first compromised the company on April 15. Previous victims of the ransomware gang include IT services firms Cognizant and Conduent.

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

Security Affairs

The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack , the news was reported by ZDNet. L ast week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. The encrypted files and ransom note are associated with a Ryuk ransomware infection.

Fitness apps: Good for your health, not so much for military security

The Security Ledger

Fitness apps are proving to be a lot less beneficial to military security than they are for military fitness. That after researchers in the Netherlands discovered that data from the Polar fitness app revealed the homes and habits of those exercising in clandestine locations around the world, including intelligence agencies, military bases, nuclear.

At least 23 Texas local governments targeted by coordinated ransomware attacks

Security Affairs

At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. At least 23 local government organizations were impacted by the ransomware attacks, the Department of Information Resources (DIR) is currently investigating them and providing supports to mitigate the attacks.

Report: U.S. Cyber Command Behind Trickbot Tricks

Krebs on Security

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. military’s Cyber Command.

6 Russians Indicted for NotPeyta Campaign, Other Attacks

Data Breach Today

Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying NotPetya ransomware - causing over $10 billion in damages - and attacking the 2018 Olympics

Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

Krebs on Security

has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot , a global menace that has infected millions of computers and is used to spread ransomware. Ransomware The Coming StormMicrosoft Corp.

Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?

Security Affairs

A number of systems have been taken offline, and all the locations infected by the ransomware were isolated from the Internet. ” According to the CBC News, the Recipe was the victim of a ransomware attack, the media also shared a copy of a ransom note that was provided by a worker at one of the affected restaurants. ” Recipe Unlimited denies it was victim of a ransomware attac, because it conducts regular system backups to promptly mitigate such kind of attacks.

'Act of War' Clause Could Nix Cyber Insurance Payouts

Dark Reading

The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

The gang behind the DoppelPaymer ransomware has stolen internal confidential documents belonging to some of the largest aerospace companies in the world from the industrial contractor Visser Precision. Early March, the company disclosed a ransomware attack that might have exposed data related to multiple business partners, including Tesla, SpaceX, Boeing and Lockheed Martin. SecurityAffairs – DoppelPaymer ransomware, malware).

NotPetya: From Russian Intelligence, With Love

Data Breach Today

CIA Reportedly Believes Russian Military Launched Wiper Disguised as Ransomware The CIA has attributed last year's outbreak of NotPetya wiper malware to Russia's GRU military intelligence unit, The Washington Post reports. Other intelligence agencies and information security experts have reached similar conclusions, warning that Russia's hybrid warfare campaigns are intensifying

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

The most severe financial damage has occurred as a result of ransomware activity. Group-IB: The ransomware plague cost the world over $1 billion. Late 2019 and all of 2020 were marked by an unprecedented surge in ransomware attacks.

Cyberattack Downs Pensacola’s City Systems

Threatpost

military base Naval Air Station Pensacola rocked the city. Critical Infrastructure Government Hacks Malware cyberattack malware pensacola pensacola cyberattack ransom ransomwareThe cyberattack comes days after a shooting at U.S.

Dutch and British Governments Slam Russia for Cyberattacks

Data Breach Today

Officials Attribute BadRabbit Ransomware, WADA Breach to APT28, aka 'Fancy Bear' The British and Dutch governments have issued a strong rebuke to the Russian government over an ongoing series of "Fancy Bear" hack attacks that they say were launched by Russia's military intelligence agency Russian Main Intelligence Directorate, aka the GRU

Security Affairs newsletter Round 286

Security Affairs

million users due to critical vulnerability Nefilim ransomware gang published Luxottica data on its leak site NSA details top 25 flaws exploited by China-linked hackers Pay it safe: Group-IB aids Paxful in repelling a series of web-bot attacks U.S.

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

and other governments labeled the NotPetya attack as an action by the Russian military their claim was excluded under the "hostile or warlike action in time of peace or war" exemption. cybersecurity hacking insurance malware ransomware russia warThis will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

Ransomware. British Dental Association records leaked on the dark web (5,524) Australian aged care firm Regis hit by ransomware (unknown) ?Canon

List of data breaches and cyber attacks in July 2020 ­– 77 million records breached

IT Governance

Four military schools in Canada targeted in ‘mysterious’ cyber attack (unknown). Ransomware. CNY Works jobseekers Social Security numbers exposed in suspected ransomware attack (56,000). Turkish doctor’s office hit by ransomware (10,000).

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

Ransomware. London-based clinical pharmacology testing firm recovers swiftly from Maze ransomware (unknown). Minnesota-based Community Development Bank struck by ransomware (unknown). Prince Edward Island notifies patients of ransomware attack (unknown). Canada’s Simon Fraser University notifies students, alumni and staff of ransomware attack (unknown). Legal services giant Epiq Global offline after ransomware attack (unknown).

Operation North Star – North-Korea hackers targeted US defense and aerospace companies

Security Affairs

The threat actors’ job postings messages were crafted to target the following specific US defense programs and groups: F-22 Fighter Jet Program Defense, Space and Security (DSS) Photovoltaics for space solar cells Aeronautics Integrated Fighter Group Military aircraft modernization programs.

Security Affairs newsletter Round 271

Security Affairs

Million ransom to decrypt files after Ransomware attack Maze Ransomware operators hacked the Xerox Corporation Microsoft releases emergency security updates to fix Windows codecs New EvilQuest ransomware targets macOS users The U.S. European police infiltrate and dismantled EncroChat chat network Try2Cry ransomware implements wormable capability to infect other Windows systems US Cyber Command urges F5 customers to fix critical flaw in BIG-IP product.

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

military, federal, state, and local government agencies Public universities and schools Hospitals and health care providers Electric utilities Major financial institutions Numerous Fortune 500 companies.

Security Affairs newsletter Round 269

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Security Affairs newsletter Round 253

Security Affairs

Reading Municipal Light Department, an electric utility in Massachusetts, hit by ransomware. NRC Health health care company hit with ransomware. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates. Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm. US Railroad firm RailWorks discloses a data breach after a ransomware attack. A new round of the weekly newsletter arrived!

It is time to re-evaluate Cyber-defence solutions

Security Affairs

The Brazilian aerospace giant Embrarer manufactures commercial, executive and military aircraft and are the world’s third largest aircraft manufacturer after Boeing and Airbus.

Security Affairs newsletter Round 277

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Q&A: Sophos poll shows how attackers are taking advantage of cloud migration to wreak havoc

The Last Watchdog

Furthermore, 50% encountered ransomware and other malware; 29% reported incidents of data getting exposed; 25% had accounts compromised; and 17% dealt with incidents of crypto-jacking. Digital commerce from day one has revolved around companies bulling forward to take full advantage of wondrous decentralized, anonymous characteristics of the Internet, which began a military-academic experiment. LW: Shifting gears a bit, what’s going on with ransomware?

Cloud 130