Business Services, Hacking and Manufacturing

Business Services

Hacking

Manufacturing

Authorities released free decryptor for Phobos and 8base ransomware

Security Affairs

JULY 18, 2025

The group has been active since March 2022, it focused on small and medium-sized businesses in multiple industries, including finance, manufacturing, business services, and IT. Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims.

Ransomware

Ransomware Encryption Malware Cybercrime

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Security Affairs

FEBRUARY 11, 2025

The 8Base ransomware group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. In November 2023, Cisco Talos researchers observed 8Base ransomware operators using a new variant of the Phobos ransomware.

Ransomware

Ransomware Encryption Backups Malware

Join 28,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Embargo Ransomware nets $34.2M in crypto since April 2024

Security Affairs

AUGUST 9, 2025

million in incoming transaction volume likely associated with the group, with most victims located in the United States (US) in the healthcare, business services, and manufacturing sectors.” The RaaS mainly targeted US healthcare, business services, and manufacturing.

Ransomware

Ransomware Healthcare Manufacturing Business Services

Orange Business Services hit by Nefilim ransomware operators

Security Affairs

JULY 17, 2020

According to Cyble, the hackers claim to have compromised the Orange Business Solutions , a subsidiary of Orange S.A, Orange confirmed to BleepingComputer that the Orange Business Services division was victim of a ransomware attack on the night of Saturday, July 4th, 2020, into July 5th. Pierluigi Paganini.

Business Services

Business Services Ransomware Mobile Telecommunications

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. . .” Pierluigi Paganini.

Banking

Banking Malware Manufacturing Business Services

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Global IT services and solutions provider DXC Technology disclosed a ransomware attack that infected systems at its Xchanging subsidiary. Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry.

Ransomware

Ransomware Insurance Financial Services Technology

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

“For example, UNC2529 used a unique username, masquerading as an account executive for a small California-based electronics manufacturing company, which Mandiant identified through a simple Internet search.” SecurityAffairs – hacking, UNC2529). .” states the analysis published by FireEye. Pierluigi Paganini.

Cybercrime

Cybercrime Malware Manufacturing Phishing

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Security Affairs

AUGUST 21, 2021

The vulnerabilities are exploited remotely through Microsoft Exchange’s Client Access Service (CAS) running on port 443 in IIS. The vulnerabilities were discovered by security Researcher Tsai orange from Devcore, the issues were awarded $ 200,000 during the April 2021 Pwn2Own hacking contest. — 0patch (@0patch) August 19, 2021.

Ransomware

Ransomware Hacking Financial Services Encryption

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

AUGUST 31, 2021

ransomware: The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors. SecurityAffairs – hacking, Lockfile ransomware). The HTA ransom note used by LockFile closely resembles the one used by LockBit 2.0

Encryption

Encryption Ransomware Financial Services Antivirus

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. SecurityAffairs – hacking, Balikbayan Foxes). Both Remcos and NanoCore are used for information gathering, data exfiltration, surveillance, and control of the victims’ computers. .

Malware

Malware Government Surveillance Phishing

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) and Brazil.

Ransomware

Ransomware Encryption Backups Manufacturing

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

JUNE 28, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. The experts observed a massive spike in activity associated with this threat actor between May and June 2023. and Brazil.

Ransomware

Ransomware Encryption Manufacturing Business Services

The people problem: Large businesses shift resources to address risks tied to new and disgruntled employees

SC Magazine

MARCH 11, 2021

Threats increased between Q3 and Q4 at more than half (54%) of the organizations surveyed, with financial services (61%) and high-tech/business services (57%) reporting the highest rate of increase. Vulnerabilities associated with remote work continue to drive security training and management.

Risk

Risk Financial Services Technology Manufacturing

Cyber Security Informer

Authorities released free decryptor for Phobos and 8base ransomware

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Trending Sources

Embargo Ransomware nets $34.2M in crypto since April 2024

Orange Business Services hit by Nefilim ransomware operators

TinyNuke banking malware targets French organizations

Ransomware infected systems at Xchanging, a DXC subsidiary

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

LockFile Ransomware uses a new intermittent encryption technique

Balikbayan Foxes group spoofs Philippine gov to spread RATs

8Base ransomware operators use a new variant of the Phobos ransomware

Experts warn of a spike in May and June of 8Base ransomware attacks

The people problem: Large businesses shift resources to address risks tied to new and disgruntled employees

Stay Connected