Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware

Security Affairs

FEBRUARY 12, 2025

The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025.

Computers and Electronics

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware

Security Boulevard

FEBRUARY 14, 2025

And get the latest on ransomware trends and on cybercrime legislation and prevention! Thats a key takeaway from Cybercrime: A Multifaceted National Security Threat, a report releaesd this week by Googles Threat Intelligence Group. Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography.

Banking

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4

Technology

Hacker's King

DECEMBER 24, 2024

In 2025, insurers will refine their policies to cover new threats such as ransomware and supply chain attacks, providing businesses with financial safeguards against cyber losses. Expect an increase in regulations requiring manufacturers to implement stronger security features in devices, alongside enhanced monitoring of IoT networks.

Cybersecurity

Security Affairs

APRIL 5, 2025

Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.

Data breaches

SecureWorld News

JUNE 6, 2025

This year's report is a must-read for practitioners defending OT-heavy sectors like manufacturing, energy, logistics, and critical infrastructure. With geopolitical tensions, ransomware-as-a-service, and nation-state threat actors increasingly targeting critical infrastructure, 2025 will likely set new records for OT-targeted attacks.

Media

Security Affairs

NOVEMBER 5, 2024

The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. Attackers can also trigger flaws to extract network details to infiltrate connected systems, increasing the risk of data breaches and ransomware attacks. The manufacturer released firmware updates addressing these flaws.”

Firmware

Security Affairs

JUNE 20, 2025

. “A cyberattack has potentially serious consequences for the approximately 240 employees of the Euskirchen-based company Fasana : The attack caused so much damage to the paper napkin manufacturer that it has now filed for insolvency.” According to the news outlet WDR, the company suffered a ransomware attack.

Ransomware

SecureWorld News

JULY 17, 2025

Fortinet warns that nation-state and ransomware actors remain highly active, with manufacturing once again the most targeted sector. Alarmingly, AI-powered cybercrime is accelerating, with adversaries using it to scale phishing and evade detection. Despite the gains, the threat landscape is escalating.

CISO

SecureWorld News

JULY 10, 2025

Manufacturing and logistics firms, increasingly digitized and AI-driven, are acutely at risk: state-aligned hackers are "infiltrating the digital arteries of commerce" from ports to payment systems. The World Economic Forum warns that AI-powered cybercrime is among the top concerns shaping the 2025 threat landscape.

Manufacturing

Digital Shadows

NOVEMBER 26, 2024

Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player. Meanwhile, “RansomHub” is rising rapidly due to its attractive ransomware-as-a-service (RaaS) model. Despite the importance of employee training, sometimes it just isn’t enough.

Cyber Attacks

Webroot

MARCH 12, 2025

But if your hard drive crashes, your laptop gets stolen, or you fall victim to cybercrime, the loss can be devastating. Many hard drives fail in less than three years , and its been found that the newer drives have shorter lifespans than those manufactured before 2015. Its a nightmare scenario that happens more often than you think.

Backups

Penetration Testing

JUNE 9, 2025

ShadowPad, a privately sold modular malware platform, was used in a global campaign spanning June 2024 to March 2025, compromising victims in manufacturing, government, finance, telecom, and research. The cluster included a notable intrusion into a South Asian government IT provider.

Penetration Testing

Jane Frankland

JANUARY 12, 2025

Threat Actors Cybersecurity threats are growing more complex and persistent, driven by the heightened activities of nation-state actors and increasingly sophisticated cybercrime groups. Organised Cybercrime Groups Up Their Game Cybercriminals arent resting on old tactics with cybercrime expected to hit $12 trillion in 2025.

Cybersecurity

SecureWorld News

MAY 8, 2025

The advisory also emphasizes the importance of regular communication with third-party managed service providers, system integrators, and system manufacturers to secure OT systems effectively. Practice reverting to manual controls to quickly restore operations in the event of an incident.

Technology

GlobalSign

JULY 16, 2025

The NHS ransomware scare remains a sobering example of how cyber incidents can endanger lives through system paralysis. Armstrong-Smith notes that SMEs, in particular, face a harsh reality: “In reality, 80 to 90 percent of ransomware targets are companies with fewer than 500 employees.”

IoT

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

Ransomware

Security Affairs

AUGUST 3, 2022

Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck. The German manufacturer didn’t share details about the attack or the family of ransomware that infected its systems. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The BlackByte ransomware group claims to have stolen gigabytes of documents from Asahi Group Holdings, including financial and sales reports. Asahi Group Holdings, Ltd. Pierluigi Paganini.

Manufacturing

Security Affairs

FEBRUARY 24, 2021

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang.

Manufacturing

Security Affairs

SEPTEMBER 20, 2024

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.

Healthcare

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. ” . .

Manufacturing

SecureWorld News

SEPTEMBER 6, 2023

In a recent cyberattack, the LockBit ransomware group targeted U.K-based based Zaun, a manufacturer of high-security perimeter fencing—revealing critical vulnerabilities in manufacturing networks. LockBit's choice of target reflects a keen understanding of the unique IT and OT challenges faced by manufacturers.

Manufacturing

Security Affairs

APRIL 6, 2022

Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure. Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems. Pierluigi Paganini.

Manufacturing

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Security Affairs

SEPTEMBER 13, 2021

Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Technology

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches

Security Affairs

MAY 16, 2021

Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company. Pierluigi Paganini.

Hacking

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” ” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. ” reads the message published on the leak site.

Manufacturing

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. ransomware ??????: ” ?????????:

Ransomware

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative. The average ransom payment was $1.2

Ransomware

Security Affairs

JUNE 29, 2020

Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. ” reads the analysis published by Symantec.

Ransomware

Security Affairs

DECEMBER 10, 2021

Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. Snatch ransomware operators already leaked 35.9 Is it a ransomware attack?

Data breaches