Security Affairs

MAY 15, 2023

Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. The ransomware supports intermittent encryption to speed up the encryption process. This process encrypts only a certain part of the source file’s contents, not the entire file.”

Ransomware 95

Ransomware Encryption Cybercrime Insurance 95

Security Affairs

JULY 2, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Hacking 96

Hacking Cybercrime Ransomware Malware 96

Security Affairs

AUGUST 8, 2024

The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. They are open to negotiating payment amounts, which are not specified in the initial ransom note but are discussed via a.onion URL provided after encryption.

Ransomware 112

Ransomware VPN Manufacturing Healthcare 112

Security Affairs

AUGUST 28, 2024

The experts observed the threat actors using a new version of their encryptor that adds the “blackbytent_h” file extension to encrypted files, drops four vulnerable driver files, and uses victim Active Directory credentials to spread. “Talos observed some differences in the recent BlackByte attacks.

Ransomware 113

Ransomware Authentication Encryption VPN 113

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing 95

Manufacturing Ransomware Cyber Attacks Backups 95

Security Affairs

SEPTEMBER 13, 2021

Lile other ransomware operations, BlackMatter also set up its leak sitewhere it will publish data exfiltrated from the victims before encrypting their system. Japan-headquartered Olympus manufactures optical and digital reprography technology for the medical and life sciences industries. SecurityAffairs – hacking, Olympus).

Technology 127

Technology Ransomware Computers and Electronics Cybercrime 127

Security Affairs

AUGUST 29, 2021

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. SecurityAffairs – hacking, FIN8). The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder. .

Manufacturing 127

Manufacturing Data breaches Encryption Hacking 127

Security Affairs

NOVEMBER 24, 2022

RansomExx operation has been active since 2018, the list of its victims includes government agencies, the computer manufacturer and distributor GIGABYTE , and the Italian luxury brand Zegna. The ransomware iterates through the specified directories, enumerating and encrypting files. SecurityAffairs – hacking, RansomExx ransomware).

Ransomware 99

Ransomware Encryption Malware Manufacturing 99

Security Affairs

MAY 24, 2024

509 [2] certificates) and encrypted, authenticated connections (TLS [3] and its precursor, SSL [4] ). For instance, suppose firewall manufacturer ACME Inc. It also integrates an ACME client for automatic certificate generation via Let’s Encrypt [8]. When combined with an ACME client that automatically generates an X.509

DNS 126

DNS Manufacturing Firewall Internet 126

Security Affairs

DECEMBER 27, 2021

At this time, it is not clear how threat actors compromised the QNAP devices, some users claim that attackers exploited a flaw in the Photo Station software to hack them. The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. SecurityAffairs – hacking, ech0raix).

Ransomware 135

Ransomware Encryption Manufacturing Hacking 135

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.

Computers and Electronics 102

Computers and Electronics Ransomware Manufacturing Malware 102

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware can either fully or partially encrypt a file depending on its size and the ‘-ep’ parameter.

Ransomware 97

Ransomware Healthcare Encryption Antivirus 97

Security Affairs

JUNE 11, 2021

Good news for the victims of the Avaddon ransomware gang , the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. The group has also shut down its servers and deleted profiles on hacking forums, they also shut down their leak site. SecurityAffairs – hacking, ransomware).

Ransomware 140

Ransomware Passwords Manufacturing Healthcare 140

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

DNS 96

DNS Data breaches Hacking Backups 96

Security Affairs

SEPTEMBER 15, 2024

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganin ( SecurityAffairs – hacking, Port of Seattle)

Ransomware 115

Ransomware Cyber Attacks Internet Internet 115

Security Affairs

JUNE 28, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. The experts observed a massive spike in activity associated with this threat actor between May and June 2023. and Brazil.

Ransomware 96

Ransomware Encryption Manufacturing Business Services 96

Security Affairs

OCTOBER 24, 2020

The ransomware encrypted files and renamed their filenames by adding the “ easy2lock” extension, this extension was previously associated with recent WastedLocker ransomware infections. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors. Pierluigi Paganini.

Ransomware 100

Ransomware Telecommunications Banking Advertising 100

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. The experts noticed that threat actors tracked as DEV-0950 used Clop ransomware to encrypt the network of organizations previously infected with the worm. SecurityAffairs – hacking, ransomware).

Ransomware 104

Ransomware Malware Data collection Encryption 104

Security Affairs

JULY 5, 2023

Once inside the system, this malicious variant stealthily extracts sensitive information and proceeds to encrypt the compromised files.” Threat actors used reputable LinkedIn pages to target victims, including the Philippines Industrial Machinery Manufacturing Company and multiple organizations in Brazil.

Energy and Utilities 94

Energy and Utilities Ransomware Backups Malware 94

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware 98

Ransomware Healthcare Encryption Manufacturing 98

Security Affairs

AUGUST 21, 2021

The vulnerabilities were discovered by security Researcher Tsai orange from Devcore, the issues were awarded $ 200,000 during the April 2021 Pwn2Own hacking contest. ” The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors.

Ransomware 139

Ransomware Hacking Financial Services Encryption 139

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension. SecurityAffairs – hacking, Zeppelin ransomware).

Ransomware 96

Ransomware Encryption Firmware Backups 96

Security Affairs

JANUARY 12, 2020

The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. Pierluigi Paganini.

Ransomware 82

Ransomware Manufacturing Advertising Encryption 82

Security Affairs

AUGUST 10, 2021

NAS servers are a privileged target for hackers because they normally store large amounts of data.The ransomware was targeting poorly protected or vulnerable NAS servers manufactured by QNAP, threat actors exploited known vulnerabilities or carried out brute-force attacks. SecurityAffairs – hacking, NAS). Pierluigi Paganini.

Ransomware 130

Ransomware Encryption Firmware Passwords 130

Security Affairs

FEBRUARY 20, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems.”

Energy and Utilities 115

Energy and Utilities Ransomware Manufacturing Financial Services 115

Security Affairs

DECEMBER 2, 2022

Like other ransomware gangs, Cuba used ‘double extortion’ techniques which means that it exfiltrates data from the target systems before encrypting them and demanding a ransom payment, threatening to publicly release it if payment is not made. SecurityAffairs – hacking, CISA). ” reads the report. Pierluigi Paganini.

Ransomware 95

Ransomware Financial Services Manufacturing Healthcare 95

Security Affairs

FEBRUARY 21, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) reads the press release published by DoJ.

Energy and Utilities 103

Energy and Utilities Ransomware Manufacturing Financial Services 103

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. SecurityAffairs – hacking, AvosLocker ransomware).

Ransomware 110

Ransomware DDOS Passwords Backups 110

Security Affairs

SEPTEMBER 23, 2023

The command-and-control beacons allowed Royal to prepare the City’s network resources for the May 03, 2023, ransomware encryption attack.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, City of Dallas ) The post City of Dallas has set a budget of $8.5

Ransomware 119

Ransomware Surveillance Healthcare Accountability 119

Security Affairs

JUNE 26, 2022

based media organization with offices in China and Hong Kong, electronic component designers and manufacturers in Lithuania and Japan, a law firm in the U.S., The HUI Loader is used to decrypt and load a third file containing an encrypted payload that is also deployed to the infected host. SecurityAffairs – hacking, Bronze Starlight).

Ransomware 93

Ransomware Manufacturing Cybercrime Malware 93

CyberSecurity Insiders

JANUARY 20, 2022

Data destruction and hardware hacking pose a tremendous threat to individuals and organizations alike, and The Insecurity of Everything focuses on the common areas that data impacts in our modern day-to-day lives.

Computers and Electronics 52

Computers and Electronics Manufacturing Hacking Data breaches 52

Security Affairs

MAY 4, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware 98

Ransomware Healthcare Education Encryption 98

SiteLock

AUGUST 27, 2021

Protect your website from hackers and cybercrime. It’s called FREAK (which stands for Factoring Attack on RSA-EXPORT Key), and works by weakening encrypted connections on SSL and TLS, which in turn allows an attacker to intercept and decipher the “secure” data. Apparently an unauthorized third party got access into Uber’s database.

Cybersecurity 52

Cybersecurity Data breaches Software Manufacturing 52

Security Boulevard

FEBRUARY 24, 2021

Fraud and identity theft are on the rise, with online shopping hacks and COVID-related scams popular among cybercriminals. . Fortunately, emerging trends in the financial technology sector may have the potential to turn the tide of cybercrime and keep our financial data safe. . Blockchain systems.

Cybersecurity 105

Cybersecurity Artificial Intelligence Risk Cybercrime 105

Security Affairs

JANUARY 5, 2024

Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension.

Ransomware 119

Ransomware Hacking Encryption Malware 119

BH Consulting

OCTOBER 11, 2022

Despite tumultuous market conditions, an increase in serious and sophisticated hacking attempts has caused the change in outlook. It will oblige manufacturers to report vulnerabilities to ENISA within 24 hours of detection and handle them “effectively” for five years or the product’s lifetime.

Ransomware 52

Ransomware Cybersecurity CISO Manufacturing 52

Security Affairs

APRIL 28, 2020

The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations. The Linux malware is the well-known “ Shellbot ”, it is a crimetool belonging to the arsenal of a threat actor tracked as the “Outlaw Hacking Group. ”. Introduction. Technical Analysis.

Architecture 106

Architecture Malware Hacking DDOS 106