Cyber Attacks, Encryption, Hacking and Information Security

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Security Affairs

FEBRUARY 26, 2024

The company did not disclose details of the attack, however the decision to shut down the IT systems suggests it was the victim of a ransomware attack. This isn’t the first time that the company was the victim of a cyber attack. In 2016, alleged Asian threat actors targeted ThyssenKrupp to steal company secrets.

Cyber Attacks

Cyber Attacks Ransomware Engineering Banking

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

The attack impacted the services of Schneider Electric’s Resource Advisor cloud platform causing outages. Schneider Electric said that other divisions of the company were not impacted by the cyber attack.

Ransomware

Ransomware Hacking Data breaches Digital transformation

The worst cyber attacks of 2021

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Federal Bureau of Investigation confirmed that the Colonial Pipeline was shut down due to a cyber attack carried out by the Darkside ransomware gang. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Ransomware Insurance Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Five months later, Gunnebo disclosed it had suffered a cyber attack targeting its IT systems that forced the shutdown of internal servers. Larsson quotes Gunnebo CEO Stefan Syrén saying the company never considered paying the ransom the attackers demanded in exchange for not publishing its internal documents. ”

Hacking

Hacking Ransomware Banking Accountability

China Says NSA Is Hacking Top Military Research University

SecureWorld News

SEPTEMBER 12, 2022

China's National Computer Virus Emergency Response Center (CVERC) recently made a statement accusing the United States National Security Agency (NSA) of repeatedly hacking the Northwestern Polytechnical University, a key public military research university located in Xi'an, China. TAO is a tactical implementation unit of the U.S.

Hacking

Hacking Cyber Attacks Government Internet

LockBit published data stolen from Simone Veil hospital in Cannes

Security Affairs

MAY 3, 2024

In April, a cyber attack hit the Hospital Simone Veil in Cannes (CHC-SV), impacting medical procedures and forcing personnel to return to pen and paper. Non-urgent surgical procedures and consultations scheduled at the time of the attack were postponed. ” In the past, other French hospitals were victims of cyber attacks.

Cyber Attacks

Cyber Attacks Ransomware Healthcare Media

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs

APRIL 8, 2020

According to the advisory issued by NASA, the number of phishing attempts doubled in the past few days, at the same time the number of malware attacks on its systems has grown exponentially. During the past few weeks, NASA’s Security Operations Center (SOC) mitigation tools have prevented success of these attempts.”

Cyber Attacks

Cyber Attacks Computers and Electronics VPN Phishing

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. ” reads the letter.

Data breaches

Data breaches Hacking Banking Financial Services

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

Schneider Electric said that other divisions of the company were not impacted by the cyber attack. The gang also published several pictures of passports and company documents as proof of the hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Digital transformation Retail Antivirus

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. SecurityAffairs – hacking, E27).

Media

Media Hacking Passwords Data breaches

Energy giant Shell discloses data breach caused by Accellion FTA hack

Security Affairs

MARCH 23, 2021

According to a data breach notification published by the company on its website, the cyber attack did not affect its network, but it only impacted an Accellion FTA server. “Shell has been impacted by a data security incident involving Accellion’s File Transfer Appliance. .” SecurityAffairs – hacking, Shell).

Data breaches

Data breaches Hacking Cybercrime Cyber Attacks

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

FEBRUARY 26, 2020

The file downloaded from this censorship free file hosting is actually a chunk of 125KB random looking bytes, suggesting it would likely be some binary payload protected with strong encryption. Figure 4: Piece of the encrypted file downloaded from “share.]dmca.]gripe”. New Cyber Attack Campaign Leverages the COVID-19 Infodemic.

Cyber Attacks

Cyber Attacks Malware Social Engineering Advertising

The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital

Security Affairs

NOVEMBER 12, 2023

Like other ransomware gangs, Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site.

Ransomware

Ransomware Healthcare Encryption Cyber Attacks

The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital

Security Affairs

OCTOBER 15, 2023

The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. The group claims to have stolen 5TB of patients’ and employee’s information, backups, PII documents, and more. Other ransomware attacks recently hit US hospitals.

Ransomware

Ransomware Healthcare Data breaches Cyber Attacks

Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network

Security Affairs

DECEMBER 28, 2023

The ransomware gang hit the KHO on Christmas Eve and gained access to specifically encrypted data, the organization revealed in a statement published on its website. “Unknown persons gained access to the hospitals’ IT infrastructure systems and specifically encrypted data. the timeline for which cannot yet be predicted.

Ransomware

Ransomware Encryption Cyber Attacks Hacking

Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York

Security Affairs

SEPTEMBER 14, 2023

The Lockbit ransomware group claims to have hacked two major hospitals, the Carthage Area Hospital and Claxton-Hepburn Medical Center. At this time the group has yet to publish any samples of the alleged stolen data as a proof of the hack. Other ransomware attacks recently hit US hospitals.

Ransomware

Ransomware Healthcare Cyber Attacks Hacking

Entercom Radio Network hit by a second cyber attack in a few months

Security Affairs

DECEMBER 25, 2019

A new cyber attack hit the radio network Entercom, this is the second time the company has suffered a similar security incident in a few months. A cyber attack hit the radio network Entercom, the incident has impacted the back-office functions and in some cases, the stations were apparently forced to run recorded programs.

Cyber Attacks

Cyber Attacks Advertising Marketing Encryption

LockBit ransomware gang claims the attack on Capital Health

Security Affairs

JANUARY 9, 2024

The LockBit ransomware gang claimed responsibility for the cyber attack on the Capital Health hospital network. The cybercriminal group clarified that its attacks do not disrupt patient care but are confined to data theft when targeting hospitals. Capital Health Regional Medical Center is a member of Capital Health System.

Ransomware

Ransomware Healthcare Encryption Cyber Attacks

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Security Affairs

OCTOBER 3, 2023

Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. Black attack analyzed by TG Soft ‘s CRAM researchers, showed that access by cyber criminals was via exposed RDP. Black The LockBit 3.0

Ransomware

Ransomware Encryption Technology Backups

Bitdefender released a free decryptor for the MegaCortex ransomware

Security Affairs

JANUARY 6, 2023

In December 2019, the FBI issued a warning to the private industry of cyber attacks involving the LockerGoga and MegaCortex Ransomware. The decryptor also supports the “Scan Entire System” mode which allows users to search for all encrypted files. For encryption with MegaCortex V1 (the encrypted files have the “.aes128ctr”

Ransomware

Ransomware Antivirus Encryption Backups

Ransomware drama: Law enforcement seized Lockbit group’s website again

Security Affairs

MAY 5, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. However a few days later, the LockBit gang relaunched its RaaS operation, the group set up a new infrastructure and threatened to carry out cyber attacks on the government sector.

Ransomware

Ransomware Cybercrime Cyber Attacks Encryption

RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE

Security Affairs

AUGUST 6, 2021

“GIGABYTE released a major message stating that the information security team has cooperated with technical experts from a number of external information security companies to jointly handle this cyber attack on a small number of servers of GIGABYTE, and has notified the abnormal network conditions it has detected.”

Manufacturing

Manufacturing Ransomware Information Security Security Defenses

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs

DECEMBER 25, 2022

Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom and Governments TikTok parent company ByteDance revealed the use of TikTok data to track journalists BetMGM discloses security breach impacting 1.5 SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Ransomware

Ransomware Hacking Malware Encryption

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches

Data breaches Cybercrime Firewall Artificial Intelligence

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

Unlike other ransomware, Petya does not encrypt files on the infected systems but targets the hard drive’s master file table (MFT) and renders the master boot record (MBR) inoperable. Merck had not taken out specific insurance to cover cyber attacks, it only had insurance coverage against general risks.

Insurance

Insurance Manufacturing Ransomware Healthcare

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Security Affairs

AUGUST 3, 2022

“The SEMIKRON Group has become a victim of a cyber-attack by a professional hacker group. As part of this attack, the perpetrators have claimed to have exfiltrated data from our system. The attackers have infiltrated data from the company systems before encrypting a portion of the internal network.

Manufacturing

Manufacturing Ransomware Encryption Data breaches

Is the LockBit gang resuming its operation?

Security Affairs

FEBRUARY 29, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. Now the LockBit gang is attempting to relaunch its RaaS operation, the group has set up a new infrastructure and is threatening to carry out cyber attacks on the government sector.

Ransomware

Ransomware Hacking Cyber Attacks Encryption

Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys

Security Affairs

MARCH 3, 2021

Cybersecurity firm Qualys is the latest victim of a cyber attack, the company was likely hacked by threat actors that exploited a zero-day vulnerability in their Accellion FTA server. In response to the wave of attacks, the vendor has released multiple security patches to address the vulnerabilities exploited by the hackers.

Ransomware

Ransomware Cybersecurity Cyber Attacks Data breaches

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

Security Boulevard

MARCH 17, 2022

Decentralized Finance and the information security protocols protecting it remain in their early stages of development, as does the adaptation of new cyberattack techniques. Blockchain-based cryptocurrency is an encrypted list arranged in chronological order providing a record of all addresses that hold assets. link] [link].

Cyber Attacks

Cyber Attacks Cryptocurrency Marketing Software

French hospital cancels operations after a ransomware attack

Security Affairs

DECEMBER 5, 2022

A French hospital near Paris canceled operations and transfer some patients due to a cyber attack suffered over the weekend. France’s health ministry announced that the Hospital Centre of Versailles was hit by a cyber attack over the weekend. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware

Ransomware Healthcare Cyber Attacks Hacking

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack.

Manufacturing

Manufacturing Ransomware Cyber Attacks Backups

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

Reflecting on the Wannacry ransomware attack, which is the lesson learnt e why most organizations are still ignoring it. The cryptolocker had the task of encrypting the data of the affected system; The exploit was to infect the victim’s local network, if not properly updated, through the SMB protocol vulnerability.

Malware

Malware Computers and Electronics Encryption Ransomware

The Impacts of Data Loss on Your Organization

Security Affairs

JULY 3, 2023

In an era where data has become the cornerstone of business operations, the loss of vital information can result in severe setbacks and irreparable damage. Whether it’s due to accidental deletion, hardware failure, cyber-attacks, or natural disasters, the loss of valuable data can have devastating impacts on an organization.

Unstructured Data

Unstructured Data Cyber Attacks Backups Encryption

The Analyst Prompt #15: Network Environment-Focused Conversations Needed in Approaches to Cyber Security

Security Boulevard

AUGUST 18, 2022

Third-party attacks, or supply chain attacks, occur when a trusted software, vendor, or other external company property or personnel is the victim of a cyber-attack that may directly impact the partnered organization ( 1 ). Exploit Tools and Targets: Enhance Third-Party Risk Management to Mitigate Multi-Targeted Approach.

Encryption

Encryption Cyber Attacks Software Risk

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

DNS

DNS Data breaches Hacking Backups

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Security Affairs

JULY 2, 2023

WordPress sites using the Ultimate Member plugin are under attack LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC Avast released a free decryptor for the Windows version of the Akira ransomware Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor miniOrange’s WordPress Social Login and Register plugin (..)

Cybercrime

Cybercrime Hacking Ransomware Malware

Iranian hackers access unsecured HMI at Israeli Water Facility

Security Affairs

DECEMBER 4, 2020

A group of Iranian hackers gained access to a un unprotected ICS at an Israeli Water Facility and posted a video as proof of the hack. The threat actors accessed a human-machine interface (HMI) system that was left unsecured online and published a video hack. An attacker could easily interact with the system via Modbus.

Cyber Attacks

Cyber Attacks Hacking Authentication Education

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

The malware communicated with C2 infrastructure via TCP, it use the AES-128-CBC algorithm to encrypt the traffic. At the same time, it is obvious that the malicious plan also involves taking measures to develop a cyber attack on the entire information and communication system of the organization.

Phishing

Phishing Malware Computers and Electronics Internet

German industrial giant ThyssenKrupp targeted in a new cyberattack

Security Affairs

DECEMBER 21, 2022

. “At the present time, no damage has been done, nor are there any indications that data has been stolen or modified,” This isn’t the first attack suffered by the company, in 2012, the company was targeted by another cyber attack that was classified as “heavy” and of “exceptional quality.”. Pierluigi Paganini.

Engineering

Engineering Data breaches Ransomware Banking

A ransomware attack forced publishing giant Macmillan to shuts down its systems

Security Affairs

JULY 1, 2022

A cyber attack forced the American publishing giant Macmillan to shut down its IT systems. The company spokesman Erin Coffey told different media outlets that attackers have encrypted certain files on the Macmillan network. The attack took place on June 25, the security breach also impacted the U.K.

Ransomware

Ransomware Data breaches Cyber Attacks Media

UK rail network Merseyrail hit by ransomware gang

Security Affairs

APRIL 28, 2021

UK rail network Merseyrail was hit by a cyberattack, ransomware operators breached the corporate email system to disclose the attack to employees and journalists. UK rail network Merseyrail, which operates rail services across Merseyside, announced it was a victim of a cyber attack. SecurityAffairs – hacking, Merseyrail).

Ransomware

Ransomware Cyber Attacks Accountability Encryption

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs

DECEMBER 25, 2022

Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom and Governments TikTok parent company ByteDance revealed the use of TikTok data to track journalists BetMGM discloses security breach impacting 1.5 SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Ransomware

Ransomware Hacking Malware Encryption

Clop ransomware gang paralyzed flavor and fragrance producer Symrise

Security Affairs

DECEMBER 21, 2020

The attack was reported last week by Handelsblatt , the website databreaches.net also reported the news after @Chum1ng0 alerted them. . CyberAttack , #CyberSecurity , #ciberseguridad ; "Cyber attack paralyzes MDax group Symrise" [link] — chum1ng0 (@chum1ng0) December 14, 2020. SecurityAffairs – hacking, BISMUTH).

Ransomware

Ransomware Encryption Malware Cyber Attacks

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Cactus ransomware gang claims the Schneider Electric hack

Webinars

Trending Sources

The worst cyber attacks of 2021

Webinars

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

China Says NSA Is Hacking Top Military Research University

LockBit published data stolen from Simone Veil hospital in Cannes

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Morgan Stanley discloses data breach after the hack of a third-party vendor

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Asian media firm E27 hacked, attackers asked for a “donation”

Energy giant Shell discloses data breach caused by Accellion FTA hack

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital

The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital

Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network

Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York

Entercom Radio Network hit by a second cyber attack in a few months

LockBit ransomware gang claims the attack on Capital Health

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Bitdefender released a free decryptor for the MegaCortex ransomware

Ransomware drama: Law enforcement seized Lockbit group’s website again

RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Is the LockBit gang resuming its operation?

Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

French hospital cancels operations after a ransomware attack

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Wannacry, the hybrid malware that brought the world to its knees

The Impacts of Data Loss on Your Organization

The Analyst Prompt #15: Network Environment-Focused Conversations Needed in Approaches to Cyber Security

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Iranian hackers access unsecured HMI at Israeli Water Facility

Russia-linked APT28 used new malware in a recent phishing campaign

German industrial giant ThyssenKrupp targeted in a new cyberattack

A ransomware attack forced publishing giant Macmillan to shuts down its systems

UK rail network Merseyrail hit by ransomware gang

Security Affairs newsletter Round 399 by Pierluigi Paganini

Clop ransomware gang paralyzed flavor and fragrance producer Symrise

Stay Connected