Security Affairs

NOVEMBER 24, 2022

RansomExx operation has been active since 2018, the list of its victims includes government agencies, the computer manufacturer and distributor GIGABYTE , and the Italian luxury brand Zegna. ” reads the analysis published by IBM Security X-Force. ” concludes the report.

Ransomware 98

Ransomware Encryption Malware Manufacturing 98

Security Affairs

SEPTEMBER 13, 2021

Lile other ransomware operations, BlackMatter also set up its leak sitewhere it will publish data exfiltrated from the victims before encrypting their system. Japan-headquartered Olympus manufactures optical and digital reprography technology for the medical and life sciences industries.

Technology 116

Technology Ransomware Computers and Electronics Cybercrime 116

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing 83

Manufacturing Ransomware Cyber Attacks Backups 83

Security Affairs

AUGUST 29, 2021

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder. .

Manufacturing 124

Manufacturing Data breaches Encryption Hacking 124

Security Affairs

JANUARY 8, 2024

“According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications. . “The leaked documents include a contract between the Swiss Department of Defence and the US company for almost $5 million (CHF 4.28 ” reported the SwissInfo website.

Hacking 111

Hacking Data breaches Ransomware Manufacturing 111

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware can either fully or partially encrypt a file depending on its size and the ‘-ep’ parameter.

Ransomware 89

Ransomware Healthcare Antivirus Encryption 89

Security Affairs

DECEMBER 27, 2021

The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. TXTT” extension. 024 ($1,200) up to.06

Ransomware 124

Ransomware Encryption Manufacturing Hacking 124

Security Affairs

JULY 2, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 85

Cybercrime Hacking Ransomware Malware 85

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. The experts noticed that threat actors tracked as DEV-0950 used Clop ransomware to encrypt the network of organizations previously infected with the worm.

Ransomware 95

Ransomware Malware Data collection Encryption 95

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.”

Ransomware 137

Ransomware Hacking Malware Encryption 137

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Focus on cyber security awareness and training.

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware 93

Ransomware Healthcare Encryption Manufacturing 93

Security Affairs

JUNE 28, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. ” Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. and Brazil.

Ransomware 85

Ransomware Encryption Manufacturing Business Services 85

Security Affairs

JULY 5, 2023

Once inside the system, this malicious variant stealthily extracts sensitive information and proceeds to encrypt the compromised files.” Threat actors used reputable LinkedIn pages to target victims, including the Philippines Industrial Machinery Manufacturing Company and multiple organizations in Brazil.

Energy and Utilities 81

Energy and Utilities Ransomware Backups Malware 81

Security Affairs

JUNE 11, 2021

Good news for the victims of the Avaddon ransomware gang , the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. The security company already develop a free decryptor for the victims of the Avaddon ransomware. ” states Emsisoft.

Ransomware 138

Ransomware Passwords Manufacturing Healthcare 138

Security Affairs

AUGUST 10, 2021

NAS servers are a privileged target for hackers because they normally store large amounts of data.The ransomware was targeting poorly protected or vulnerable NAS servers manufactured by QNAP, threat actors exploited known vulnerabilities or carried out brute-force attacks.

Ransomware 130

Ransomware Encryption Firmware Passwords 130

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. reads the press release published by DoJ.

Energy and Utilities 91

Energy and Utilities Ransomware Manufacturing Financial Services 91

CyberSecurity Insiders

MAY 22, 2021

a world leader in memory products and technology solutions, is proud to announce it has won the following Global InfoSec Awards for its encrypted USB solutions family from Cyber Defense Magazine (CDM), the industry’s leading electronic information magazine: Data Loss Prevention Market Leader. Encryption Market Leader.

InfoSec 40

InfoSec Technology Encryption B2C 40

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension. ” reads the joint advisory. “The

Ransomware 85

Ransomware Encryption Firmware Backups 85

Security Affairs

JANUARY 12, 2020

The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. Pierluigi Paganini.

Ransomware 69

Ransomware Manufacturing Advertising Encryption 69

Security Affairs

OCTOBER 24, 2020

The ransomware encrypted files and renamed their filenames by adding the “ easy2lock” extension, this extension was previously associated with recent WastedLocker ransomware infections. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware 86

Ransomware Telecommunications Banking Advertising 86

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data.

Energy and Utilities 100

Energy and Utilities Ransomware Manufacturing Financial Services 100

Security Affairs

MAY 4, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware 91

Ransomware Healthcare Education Encryption 91

Security Affairs

SEPTEMBER 23, 2023

The command-and-control beacons allowed Royal to prepare the City’s network resources for the May 03, 2023, ransomware encryption attack.” million to mitigate the May Royal ransomware attack appeared first on Security Affairs. ” continues the report.

Ransomware 104

Ransomware Surveillance Healthcare Accountability 104

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

DNS 84

DNS Data breaches Hacking Backups 84

Security Affairs

AUGUST 21, 2021

.” The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors. Once encrypted the files, the ransomware will append the .lockfile lockfile extension to the encrypted file’s names.

Ransomware 138

Ransomware Financial Services Hacking Encryption 138

Security Affairs

DECEMBER 2, 2022

Like other ransomware gangs, Cuba used ‘double extortion’ techniques which means that it exfiltrates data from the target systems before encrypting them and demanding a ransom payment, threatening to publicly release it if payment is not made. “FBI has identified a sharp increase in the both the number of compromised U.S.

Ransomware 82

Ransomware Financial Services Manufacturing Healthcare 82

Security Affairs

JUNE 26, 2022

based media organization with offices in China and Hong Kong, electronic component designers and manufacturers in Lithuania and Japan, a law firm in the U.S., The HUI Loader is used to decrypt and load a third file containing an encrypted payload that is also deployed to the infected host.

Ransomware 80

Ransomware Manufacturing Cybercrime Malware 80

Security Affairs

FEBRUARY 12, 2024

Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.

Ransomware 116

Ransomware Encryption VPN Manufacturing 116

Security Affairs

JANUARY 5, 2024

Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension.

Ransomware 105

Ransomware Hacking Encryption Malware 105

NopSec

DECEMBER 7, 2016

Modern variants of ransomware, called crypto ransomware, entomb the files stored on a hard drive using strong encryption. SCADA Access As A Service (SAaaS) Cybercrime is a business. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. One is called SCADA Access as a Service, or SAaaS.

Cyber threats 40

Cyber threats Cyber Attacks Ransomware Manufacturing 40

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. But it is worth pointing out that not all members of this ecosystem originate from the cybercrime underworld.

Ransomware 123

Ransomware Encryption Malware Cybercrime 123

Security Affairs

SEPTEMBER 9, 2023

The cybercrime group claims to have stolen 1 TB of data from the hospital and threatens to leak it. The message published by the gang on its leak site emphasizes that they didn’t encrypt data to avoid causing malfunctions to the hospital’s medical equipment.

Ransomware 116

Ransomware Financial Services Cybercrime Encryption 116

SC Magazine

MARCH 10, 2021

granting them access to live and archived video feeds across multiple organizations, including manufacturing facilities, hospitals, schools, police departments and prisons. This makes it more difficult to hack, as no one knows the password and it will be encrypted in a deeply secured vault.”.

Surveillance 129

Surveillance IoT Accountability Passwords 129

Security Affairs

NOVEMBER 25, 2020

In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The past year — a harrowing period for the world economy — culminated in the spike of cybercrime. Ransomware operators buy access and then encrypt devices on the network.

Banking 131

Banking Ransomware Phishing Marketing 131