Cybercrime, Information Security and Manufacturing

XE Group shifts from credit card skimming to exploiting zero-days

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed light on the recent operations of the XE Group. ” reads the analysis published by Intezer. ” reads the analysis published by Intezer.

Manufacturing

Manufacturing Cybercrime Authentication Hacking

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

Doctor Web warns that the attackers gained access to the supply chain of a number of Chinese manufacturers of Android-based smartphones. A third of the models listed below are manufactured under the SHOWJI brand.“ The kits analyzed by the company are commercialized by many manufacturers including Huawei, Lenovo and Xiaomi.

Malware

Malware Manufacturing Mobile Spyware

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

Security Affairs

JULY 26, 2025

BlackSuit is believed to be a rebrand of Royal ransomware , which the FBI and CISA linked to the Conti cybercrime group, a major player in Russian cybercrime. The BlackSuit ransomware targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing.

Ransomware

Ransomware Cybercrime Manufacturing Healthcare

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware.

Malware

Malware Phishing Telecommunications Antivirus

Authorities released free decryptor for Phobos and 8base ransomware

Security Affairs

JULY 18, 2025

The group has been active since March 2022, it focused on small and medium-sized businesses in multiple industries, including finance, manufacturing, business services, and IT.

Ransomware

Ransomware Encryption Malware Cybercrime

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

Banking

Banking Cybercrime Cybersecurity Ransomware

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Security Affairs

JUNE 9, 2025

These compromised devices are used for criminal activity after attackers gain unauthorized access through security flaws. “Most of the infected devices were manufactured in China. The FBI published a Public Service Announcement (PSA) to warn that cybercriminals are using the BADBOX 2.0 ” BADBOX 2.0

IoT

IoT Internet Internet Advertising

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

Security Affairs

FEBRUARY 12, 2025

The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025.

Computers and Electronics

Computers and Electronics Ransomware Manufacturing Data breaches

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

Hardware manufacturers do not always issue patches for retired devices, and the manufacturer itself may sometimes be defunct. Therefore, in circumstances in which security patches are unavailable and unlikely to come, we recommend upgrading vulnerable devices to a newer model.” ” concludes the report.

Manufacturing

Manufacturing Malware Firmware IoT

Enhanced capabilities sustain the rapid growth of Vo1d botnet

Security Affairs

FEBRUARY 28, 2025

Unfortunately, manufacturers often sell older OS versions as newer ones. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware. .

Antivirus

Antivirus Firmware Encryption Manufacturing

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

. “The incident has caused disruptions and limitation of access to certain of the Company’s information systems and business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems.”

Ransomware

Ransomware Manufacturing Malware Hacking

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack.

Technology

Technology Ransomware Manufacturing Engineering

Cartier disclosed a data breach following a cyber attack

Security Affairs

JUNE 4, 2025

Cartier ( @Cartier ) has confirmed unauthorized access to its systems, compromising sensitive customer information. Cartier designs, manufactures, distributes, and sells jewelry, watches, leather goods, and accessories. Due to the data involved, the company warns customers to stay alert for unsolicited or suspicious communications.

Data breaches

Data breaches Cyber Attacks Manufacturing Banking

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the gangs Tor leak site, at least 182 companies are victims of the operation. The victims of the group are targets of opportunity.

Government

Government Hacking Ransomware Manufacturing

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” . “Cloak primarily targets small to medium-sized businesses in Europe, with Germany as a key focus. ” reads a report published by Halcyon.

Ransomware

Ransomware Hacking Social Engineering Manufacturing

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.

Data breaches

Data breaches Ransomware Cyber Attacks Manufacturing

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. The ransomware attack took place in January as per a regulatory filing with the Indian National Stock Exchange. ” reads the filing.

Technology

Technology Ransomware Engineering Manufacturing

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 5, 2024

The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. used in PTZOptics, Multicam Systems SAS, and SMTAV Corporation devices based on Hisilicon Hi3516A V600 SoC V60, V61, and V63 should take immediate action to patch the discovered vulnerabilities and secure their systems. concludes the report.

Firmware

Firmware Manufacturing Authentication IoT

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

Security Affairs

MARCH 12, 2025

Named after the ancient Roman weapon, Ballista targets TP-Link Archer routers and has affected manufacturing, healthcare, services, and tech sectors in the U.S., Cato links the Ballista botnet to an Italian-based threat actor, the attribution is based on an Italian IP address and strings in Italian in the code. Australia, China, and Mexico.

IoT

IoT Malware Encryption DDOS

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Security Affairs

FEBRUARY 11, 2025

The 8Base ransomware group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Source Nation Thailand The gang compromised at least 17 Swiss companies using the Phobos ransomware between April 2023 and October 2024.

Ransomware

Ransomware Encryption Backups Malware

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” ” reads the joint advisory.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

New PumaBot targets Linux IoT surveillance devices

Security Affairs

MAY 28, 2025

“Notably, the malware checks for the presence of the string Pumatronix, a manufacturer of surveillance and traffic camera systems, suggesting potential IoT targeting or an effort to evade specific devices.” ” states the report.

Surveillance

Surveillance IoT Malware Manufacturing

A ransomware attack pushed the German napkin firm Fasana into insolvency

Security Affairs

JUNE 20, 2025

. “A cyberattack has potentially serious consequences for the approximately 240 employees of the Euskirchen-based company Fasana : The attack caused so much damage to the paper napkin manufacturer that it has now filed for insolvency.” ” states the insolvency administrator Maike Krebber.

Ransomware

Ransomware Encryption Manufacturing Hacking

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Security Affairs

FEBRUARY 24, 2021

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Security experts from FireEye linked the cyber attacks to the cybercrime group UNC2546, aka FIN11. Bombardier pointed out that manufacturing and customer support operations have not been impacted.

Manufacturing

Manufacturing Ransomware Cybercrime Hacking

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Security Affairs

AUGUST 3, 2022

Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck. The company is investigating the security breach with the help of external cyber security and forensic experts. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Ransomware Encryption Data breaches

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. The post Threat actor claims to have hacked European manufacturer of missiles MBDA appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Hacking Passwords Cybersecurity

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The post BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider appeared first on Security Affairs. Asahi Group Holdings, Ltd.

Manufacturing

Manufacturing Ransomware Hacking Data breaches

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Cybercrime Malware Backups Manufacturing

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches

Data breaches Cybercrime Financial Services Hacking

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

Security Affairs

APRIL 6, 2022

Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure. Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems. Pierluigi Paganini.

Manufacturing

Manufacturing Cyber Attacks Ransomware Hacking

US agricultural machinery manufacturer AGCO suffered a ransomware attack

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. To nominate, please visit:?

Manufacturing

Manufacturing Ransomware Hacking Risk

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing

Manufacturing Ransomware Hacking Security Awareness

Cleaning Products manufacturer Clorox Company took some systems offline after a cyberattack

Security Affairs

AUGUST 17, 2023

Cleaning products manufacturer Clorox Company announced that it has taken some systems offline in response to a cyberattack. The Clorox Company is a multinational consumer goods company that specializes in the production and marketing of various household and professional cleaning, health, and personal care products.

Manufacturing

Manufacturing Cyber Attacks Marketing Hacking

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, bulk explosives and initiating systems to meet its customer needs across the globe. .” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site.

Manufacturing

Manufacturing Ransomware Engineering Hacking

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork. ” reads the statement published by El Reg.

Manufacturing

Manufacturing Ransomware Advertising Cybercrime

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

Security Affairs

OCTOBER 18, 2022

An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal cars. The crooks targeted keyless vehicles manufactured by two French car manufacturers. The new software allows the door to open and the ignition to be started without the actual key fob. .

Hacking

Hacking Cybercrime Manufacturing Wireless

New ATM Malware family emerged in the threat landscape

Security Affairs

MAY 27, 2024

Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. According to the announcement, the ATM malware can target machines manufactured by multiple leading vendors, including Diebold Nixdorf, Hyosung, Oki, Bank of America, NCR, GRG, and Hitachi.

Malware

Malware Banking Cybercrime Advertising

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

The new RedLine variant searches for the following strings to locate relevant folders for data exfiltration: wallet.dat (information related to cryptocurrency) wallet (information related to cryptocurrency) Login Data Web Data Cookies Opera GX Stable Opera GX. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Manufacturing Cryptocurrency Cybercrime

Boeing confirmed its services division suffered a cyberattack

Security Affairs

NOVEMBER 2, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. At this time the cybercrime gang has yet to publish the alleged stolen data. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).

Manufacturing

Manufacturing Ransomware Cybercrime Hacking

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

This is an important achievement in the fight against cybercrime. Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, Czech Republic, and Latvia conducted a joint operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure. Both FBI and Europol declined to comment on the events.

Financial Services

Financial Services Ransomware Cybercrime Manufacturing

A cyberattack disrupted operations of US chipmaker Microchip Technology

Security Affairs

AUGUST 22, 2024

Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. chipmaker Microchip Technology suffered a cyberattack that disrupted operations at several of its manufacturing plants. ” reads the FORM 8-K report filed with Securities and Exchange Commission (SEC).

Technology

Technology Manufacturing Hacking Cybersecurity

BlackMatter ransomware gang hit Technology giant Olympus

Security Affairs

SEPTEMBER 13, 2021

The birth of the BlackMatter ransomware was first spotted by researchers at Recorded Future who also reported that the gang is setting up a network of affiliates using ads posted on two cybercrime forums, such as Exploit and XSS. In August, the gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. .

Technology

Technology Ransomware Computers and Electronics Cybercrime

A cyberattack halted operations at Varta production plants

Security Affairs

FEBRUARY 15, 2024

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber attack forced the company to shut down IT systems. The attack disrupted operations at five production plants and the administration.

Manufacturing

Manufacturing Cyber Attacks Ransomware Hacking

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. Snatch ransomware operators already leaked 35.9 Pierluigi Paganini.

Data breaches

Data breaches Ransomware Manufacturing Hacking

XE Group shifts from credit card skimming to exploiting zero-days

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Trending Sources

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Authorities released free decryptor for Phobos and 8base ransomware

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Enhanced capabilities sustain the rapid growth of Vo1d botnet

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Ransomware attack hit Indian multinational Tata Technologies

Cartier disclosed a data breach following a cyber attack

Rhysida Ransomware gang claims the hack of the Government of Peru

Cloak ransomware group hacked the Virginia Attorney General’s Office

Port of Seattle ‘s August data breach impacted 90,000 people

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

New PumaBot targets Linux IoT surveillance devices

A ransomware attack pushed the German napkin firm Fasana into insolvency

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Threat actor claims to have hacked European manufacturer of missiles MBDA

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

US agricultural machinery manufacturer AGCO suffered a ransomware attack

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Cleaning Products manufacturer Clorox Company took some systems offline after a cyberattack

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

New ATM Malware family emerged in the threat landscape

New RedLine malware version distributed as fake Omicron stat counter

Boeing confirmed its services division suffered a cyberattack

Law enforcement operation seized Ragnar Locker group’s infrastructure

A cyberattack disrupted operations of US chipmaker Microchip Technology

BlackMatter ransomware gang hit Technology giant Olympus

A cyberattack halted operations at Varta production plants

Volvo Cars suffers a data breach. Is it a ransomware attack?

Stay Connected