Backups, Cybercrime, Information Security and Manufacturing

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Cybercrime Malware Backups Manufacturing

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, bulk explosives and initiating systems to meet its customer needs across the globe. .” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site.

Manufacturing

Manufacturing Ransomware Engineering Hacking

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Most of the victims are in the manufacturing, engineering and construction, and retail sectors. Recommendations provided in the report include installing updates promptly, using phishing-resistant multi-factor authentication (MFA), securing remote access software, making backups, and applying mitigations from the #StopRansomware Guide.

Ransomware

Ransomware Hacking Healthcare Retail

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. and Brazil.

Ransomware

Ransomware Encryption Backups Manufacturing

Security Affairs newsletter Round 392

Security Affairs

NOVEMBER 6, 2022

Cisco addressed several high-severity flaws in its products LockBit ransomware gang claims the hack of Continental automotive group 250+ U.S. Cisco addressed several high-severity flaws in its products LockBit ransomware gang claims the hack of Continental automotive group 250+ U.S. Follow me on Twitter: @securityaffairs and Facebook.

Hacking

Hacking Ransomware Cybercrime Backups

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing

Manufacturing Ransomware Cyber Attacks Backups

FBI confirmed that JBS was hit by the REvil ransomware gang

Security Affairs

JUNE 3, 2021

The company’s backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible.” The White House said Tuesday that the cyberattack was likely originating from a cybercrime organization based in Russia. reads the press release published by the company.

Ransomware

Ransomware Cybercrime Backups Manufacturing

Microsoft: Raspberry Robin worm already infected hundreds of networks

Security Affairs

JULY 3, 2022

The malware uses TOR exit nodes as a backup C2 infrastructure. The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.

Manufacturing

Manufacturing Malware Backups Technology

LockBit ransomware gang leaked data stolen from Boeing

Security Affairs

NOVEMBER 13, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. Bleeping Computer analyzed the leaked data and reported that most of the published data are backups for various systems. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).

Ransomware

Ransomware Authentication Backups Manufacturing

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Security Affairs

JULY 2, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Hacking Ransomware Malware

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The malware uses TOR exit nodes as a backup C2 infrastructure. The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.

Government

Government Malware Telecommunications Cybercrime

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Focus on cyber security awareness and training.

Ransomware

Ransomware DDOS Passwords Backups

RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

Security Affairs

JULY 5, 2023

Once inside the system, this malicious variant stealthily extracts sensitive information and proceeds to encrypt the compromised files.” Threat actors used reputable LinkedIn pages to target victims, including the Philippines Industrial Machinery Manufacturing Company and multiple organizations in Brazil.

Energy and Utilities

Energy and Utilities Ransomware Backups Malware

Security Affairs newsletter Round 303

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware

Spyware Backups Manufacturing Data breaches

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

OCTOBER 27, 2022

In October 2022, the malware was used in post-compromise activity attributed to another actor, DEV-0950 (which overlaps with FIN11 / TA505 cybercrime gang). The malware uses TOR exit nodes as a backup C2 infrastructure. The DEV-0950 attacks led to the deployment of the Cobalt Strike beacon.

Ransomware

Ransomware Malware Data collection Encryption

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

DNS

DNS Data breaches Hacking Backups

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” ” reads the flash alert.

Ransomware

Ransomware Firmware Antivirus Accountability

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The malware uses TOR exit nodes as a backup C2 infrastructure. The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.

Government

Government Malware Telecommunications Cybercrime

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

Security Affairs

JULY 29, 2022

The malware uses TOR exit nodes as a backup C2 infrastructure. The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.

Malware

Malware Backups Manufacturing Accountability

Ongoing Raspberry Robin campaign leverages compromised QNAP devices

Security Affairs

JULY 9, 2022

The malware uses TOR exit nodes as a backup C2 infrastructure. The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.

Malware

Malware Manufacturing Backups Technology

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada.

Ransomware

Ransomware Encryption Firmware Backups

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

“The department had reverted to its backup system, radio, to dispatch officers in response to 911 calls instead of its computer assisted dispatch system. . “We have learned the attack’s biggest impact is likely at the Dallas Police Department.” ” reported the website of Fox4News. reads the alert.

Ransomware

Ransomware Healthcare Education Encryption

Raspberry Robin spreads via removable USB devices

Security Affairs

MAY 7, 2022

The malware uses TOR exit nodes as a backup C2 infrastructure. The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Initial access is typically through infected removable drives, often USB devices.

Malware

Malware Backups Manufacturing Hacking

NCR was the victim of BlackCat/ALPHV ransomware gang

Security Affairs

APRIL 16, 2023

It manufactures self-service kiosks, point-of-sale terminals, automated teller machines, check processing systems, and barcode scanners. An affiliate of the ALPHV/BlackCat ransomware gang, tracked as UNC4466, was recently observed exploiting three vulnerabilities in the Veritas Backup solution to gain initial access to the target network.

Ransomware

Ransomware Manufacturing Backups Education

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. But it is worth pointing out that not all members of this ecosystem originate from the cybercrime underworld. Set up offline backups that intruders cannot tamper with.

Ransomware

Ransomware Encryption Malware Cybercrime

Cyber Security Informer

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Webinars

Trending Sources

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Webinars

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs newsletter Round 392

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

FBI confirmed that JBS was hit by the REvil ransomware gang

Microsoft: Raspberry Robin worm already infected hundreds of networks

LockBit ransomware gang leaked data stolen from Boeing

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Raspberry Robin malware used in attacks against Telecom and Governments

Avoslocker ransomware gang targets US critical infrastructure

RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

Security Affairs newsletter Round 303

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs newsletter Round 404 by Pierluigi Paganini

Ranzy Locker ransomware hit tens of US companies in 2021

Raspberry Robin malware used in attacks against Telecom and Governments

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

Ongoing Raspberry Robin campaign leverages compromised QNAP devices

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

City of Dallas shut down IT services after ransomware attack

Raspberry Robin spreads via removable USB devices

NCR was the victim of BlackCat/ALPHV ransomware gang

Ransomware world in 2021: who, how and why

Stay Connected