Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. SecurityAffairs – hacking, RedLine malware). This variant uses 207[.]32.217.89 as its C2 server through port 14588.

Malware 142

Malware Manufacturing Cryptocurrency Cybercrime 142

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The post BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider appeared first on Security Affairs. Asahi Group Holdings, Ltd.

Manufacturing 132

Manufacturing Ransomware Hacking Data breaches 132

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. To nominate, please visit:?

Manufacturing 94

Manufacturing Ransomware Hacking Risk 94

Security Affairs

DECEMBER 24, 2022

“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” ” Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. .” exe, and rundll32.exe.

Government 97

Government Malware Telecommunications Cybercrime 97

SecureWorld News

APRIL 11, 2024

The Raspberry Robin malware, a heavily obfuscated Windows worm first identified in late 2021, has become one of the most prevalent threats facing enterprises today. Jason Soroko, Senior Vice President of Product at Sectigo, discussed the sophistication of this malware.

Malware 85

Malware IoT Ransomware Manufacturing 85

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke.

Banking 110

Banking Malware Manufacturing Business Services 110

Security Affairs

JANUARY 26, 2023

The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, bulk explosives and initiating systems to meet its customer needs across the globe. .” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site.

Manufacturing 92

Manufacturing Ransomware Engineering Hacking 92

Malwarebytes

FEBRUARY 16, 2021

Today, we are showing readers just what that evolution looked like, in our State of Malware 2021 report. This report provides our most comprehensive analysis of last year’s malware trends, with breakdowns by malware category, malware type, operating system, region, industry, and more.

Malware 121

Malware Scams Spyware Healthcare 121

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 113

Data breaches Computers and Electronics Spyware Cybercrime 113

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved. ” concludes the report.

Malware 119

Malware Banking Phishing Engineering 119

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 101

Banking Malware Antivirus Phishing 101

Security Affairs

JULY 29, 2022

Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft researchers discovered that the FakeUpdates malware was being distributed via Raspberry Robin malware. The malware uses TOR exit nodes as a backup C2 infrastructure.

Malware 115

Malware Backups Manufacturing Accountability 115

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported. TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. ” concludes the report.

Malware 96

Malware Antivirus Manufacturing Healthcare 96

SecureWorld News

AUGUST 29, 2023

The significance of this achievement cannot be overstated, as Qakbot has been responsible for a myriad of cybercrimes, including ransomware attacks and financial fraud, causing massive losses to individuals and businesses for more than a decade. What is Qakbot and why was it shutdown?

Cybercrime 110

Cybercrime Malware Ransomware Manufacturing 110

Security Affairs

AUGUST 20, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 91

Cybercrime Hacking Malware Phishing 91

Security Affairs

DECEMBER 24, 2022

“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” ” Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. .” exe, and rundll32.exe.

Government 52

Government Malware Telecommunications Cybercrime 52

Security Affairs

MAY 12, 2024

Most of the victims are in the manufacturing, engineering and construction, and retail sectors. Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to the gang behind the Qakbot malware. The average ransom payment was $1.2 61,9% of the victims are in the US, 15.8% in Germany, and 5.9%

Ransomware 128

Ransomware Hacking Healthcare Retail 128

Security Affairs

APRIL 25, 2019

The special-purpose vehicle maker Aebi Schmidt was hit by a malware attack that disrupted some of its operations. The Aebi Schmidt Group is a manufacturer of product systems and services for the management, cleaning and clearance of traffic areas as well as for the maintenance of green areas in demanding terrain. Pierluigi Paganini.

Malware 79

Malware Manufacturing Cyber Attacks Ransomware 79

Security Affairs

JULY 2, 2023

Illicit Telegram Communities Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant Malware Trojanized Super Mario Game Installer Spreads SupremeBot Malware Initial research exposing JOKERSPY Who is 8BASE?

Hacking 96

Hacking Cybercrime Ransomware Malware 96

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. New cybercrime groups are also expected to start operations in Asia and Latin America. Security Affairs – Central Bank of Russia, cybercrime ). Pierluigi Paganini.

Cybercrime 90

Cybercrime Hacking Banking Phishing 90

Security Affairs

NOVEMBER 2, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. At this time the cybercrime gang has yet to publish the alleged stolen data. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).

Manufacturing 117

Manufacturing Ransomware Cybercrime Hacking 117

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5%

Spyware 134

Spyware Manufacturing Small Business Surveillance 134

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. Since September 2021, the group of cyber criminals has shifted its focus to the healthcare and pharmaceutical industries.

Hacking 105

Hacking Social Engineering Cryptocurrency Manufacturing 105

Security Affairs

NOVEMBER 6, 2022

Cisco addressed several high-severity flaws in its products LockBit ransomware gang claims the hack of Continental automotive group 250+ U.S. Cisco addressed several high-severity flaws in its products LockBit ransomware gang claims the hack of Continental automotive group 250+ U.S. Follow me on Twitter: @securityaffairs and Facebook.

Hacking 97

Hacking Ransomware Cybercrime Backups 97

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. The last stage malware is the PHP-based SYS01stealer malware which is able to steal browser cookies and abuse authenticated Facebook sessions to steal information from the victim’s Facebook account.

Government 98

Government Manufacturing Malware Social Engineering 98

Security Affairs

OCTOBER 19, 2023

This is an important achievement in the fight against cybercrime. Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, Czech Republic, and Latvia conducted a joint operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure. Both FBI and Europol declined to comment on the events.

Ransomware 121

Ransomware Financial Services Cybercrime Manufacturing 121

Security Affairs

MARCH 11, 2024

The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in various industries, including manufacturing, media and entertainment, and healthcare. GuidePoint Security analyzed the PowerShell script and noticed the use of the function ‘cookies’ with specific parameters.

Ransomware 119

Ransomware Malware Manufacturing Healthcare 119

Security Affairs

APRIL 18, 2024

In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. com”, which is a free online scanner.

Phishing 119

Phishing Cybercrime Manufacturing Hacking 119

Malwarebytes

APRIL 27, 2021

In the latest example of a supply chain attack, cybercriminals delivered malware to customers of the business password manager Passwordstate by breaching its developer’s networks and then deploying a fraudulent update last week, said Passwordstate’s maker, Click Studios.

Password Management 88

Password Management Passwords Malware Retail 88

SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.

Ransomware 86

Ransomware Cybercrime Cryptocurrency Telecommunications 86

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 115

Artificial Intelligence Firmware Data breaches Hacking 115

Krebs on Security

FEBRUARY 20, 2024

LockBit operated as a ransomware-as-a-service group, wherein the ransomware gang takes care of everything from the bulletproof hosting and domains to the development and maintenance of the malware. The DOJ today unsealed indictments against two Russian men alleged to be active members of LockBit. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware 276

Ransomware Cybercrime Encryption Insurance 276

Security Affairs

OCTOBER 27, 2022

In October 2022, the malware was used in post-compromise activity attributed to another actor, DEV-0950 (which overlaps with FIN11 / TA505 cybercrime gang). In some cases, the attackers delivered the Truebot malware between the Raspberry Robin infection and the Cobalt Strike deployment.

Ransomware 104

Ransomware Malware Data collection Encryption 104

Security Affairs

JULY 3, 2022

Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malware uses TOR exit nodes as a backup C2 infrastructure. SecurityAffairs – hacking, malware). Initial access is typically through infected removable drives, often USB devices.

Manufacturing 99

Manufacturing Malware Backups Technology 99

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. The company did not reveal details about the attack or the malware family that infected its systems. Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider.

Computers and Electronics 102

Computers and Electronics Ransomware Manufacturing Malware 102

CyberSecurity Insiders

JUNE 28, 2023

According to a report formalized by VMware’s security wing Carbon Black, 8Base Ransom-ware has links to a cyber criminal group dubbed RansomHouse and is into the world of extortion and associated with the hackers linked to another cybercrime group FIN8.

Ransomware 79

Ransomware Manufacturing Threat Detection Cybercrime 79

Security Affairs

AUGUST 15, 2022

Threat actors could use the access through VNC to carry out a broad range of malicious activities, such as deploying ransomware, malware, or spy on the victims. Cyble also reported that threat actors are selling access to systems exposed on the Internet via VNC on cybercrime forums. connected via VNC and exposed over the internet.

Internet 98

Internet Internet Risk Cybercrime 98