Business Services, Hacking and Malware - Cyber Security Informer

Orange Business Services hit by Nefilim ransomware operators

Security Affairs

JULY 17, 2020

According to Cyble, the hackers claim to have compromised the Orange Business Solutions , a subsidiary of Orange S.A, Orange confirmed to BleepingComputer that the Orange Business Services division was victim of a ransomware attack on the night of Saturday, July 4th, 2020, into July 5th. Pierluigi Paganini.

Business Services

Business Services Ransomware Mobile Telecommunications

Government contractor Conduent disclosed a data breach

Security Affairs

APRIL 16, 2025

The business services provider Conduent told the SEC a January cyberattack exposed personal data, including names and Social Security numbers. The business services provider Conduent revealed that personal information, including names and Social Security numbers, was stolen in a January cyberattack.

Data breaches

Data breaches Government Cyber Insurance Business Services

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke.

Banking

Banking Malware Manufacturing Business Services

Business Services industry targeted across the country for backdoor access

Malwarebytes

AUGUST 18, 2022

The presence of so many hacking tools in the detections for the Business Services industry tells a story about these organizations being targeted for not only infection, but to establish backdoors and likely gain access to customers of the organizations through the victim’s network.

Business Services

Business Services Insurance Hacking Ransomware

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. A new financially motivated threat actor, tracked by FireEye Experts as UNC2529, has targeted many organizations in the United States and other countries using several new pieces of malware.

Cybercrime

Cybercrime Malware Manufacturing Phishing

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

Security Affairs

APRIL 10, 2025

. “These technologies are primarily used by small- to medium-sized businesses for their ease in enabling website development with integrations for eCommerce, website content management, and business service offerings.”

eCommerce

eCommerce Technology DNS Business Services

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. ” reported the website Nation Thailand.

Ransomware

Ransomware Encryption Backups Malware

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e.

Education

Education Government Business Services Software

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. . The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. SecurityAffairs – hacking, Balikbayan Foxes).

Government

Government Malware Surveillance Phishing

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) and Brazil.

Ransomware

Ransomware Encryption Backups Manufacturing

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Security Affairs

AUGUST 21, 2021

The vulnerabilities are exploited remotely through Microsoft Exchange’s Client Access Service (CAS) running on port 443 in IIS. The vulnerabilities were discovered by security Researcher Tsai orange from Devcore, the issues were awarded $ 200,000 during the April 2021 Pwn2Own hacking contest. — 0patch (@0patch) August 19, 2021.

Ransomware

Ransomware Hacking Financial Services Encryption

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Global IT services and solutions provider DXC Technology disclosed a ransomware attack that infected systems at its Xchanging subsidiary. Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry.

Ransomware

Ransomware Insurance Financial Services Technology

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

AUGUST 31, 2021

ransomware: The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors. SecurityAffairs – hacking, Lockfile ransomware). The HTA ransom note used by LockFile closely resembles the one used by LockBit 2.0

Encryption

Encryption Ransomware Financial Services Antivirus

Port of San Diego hit by a cyber attack a few days after the attack on the Port of Barcelona

Security Affairs

SEPTEMBER 28, 2018

Port employees are currently at work but have limited functionality, which may have temporary impacts on service to the public, especially in the areas of park permits, public records requests, and business services. Security Affairs – Pangu iOS 12 jailbreak, hacking). Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Advertising Ransomware Business Services

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

JUNE 28, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. The experts observed a massive spike in activity associated with this threat actor between May and June 2023. and Brazil.

Ransomware

Ransomware Encryption Manufacturing Business Services

Security Affairs newsletter Round 273

Security Affairs

JULY 19, 2020

SecurityAffairs – hacking, newsletter). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DNS

DNS Surveillance Advertising Malware

Cyber Security Informer

Orange Business Services hit by Nefilim ransomware operators

Government contractor Conduent disclosed a data breach

Trending Sources

TinyNuke banking malware targets French organizations

Business Services industry targeted across the country for backdoor access

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Balikbayan Foxes group spoofs Philippine gov to spread RATs

8Base ransomware operators use a new variant of the Phobos ransomware

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Ransomware infected systems at Xchanging, a DXC subsidiary

LockFile Ransomware uses a new intermittent encryption technique

Port of San Diego hit by a cyber attack a few days after the attack on the Port of Barcelona

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs newsletter Round 273

Stay Connected