Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware 137

Ransomware Hacking Malware Encryption 137

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. Wincor is currently owned by ATM manufacturer giant Diebold Nixdorf.

Hacking 115

Hacking Firmware Encryption Manufacturing 115

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT.

Ransomware 125

Ransomware Encryption Backups Manufacturing 125

Security Affairs

FEBRUARY 26, 2020

A high-severity hardware vulnerability, dubbed Kr00k , in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k , that affects Wi-Fi chips manufactured by Broadcom and Cypress.

Encryption 74

Encryption Wireless Manufacturing Advertising 74

Security Affairs

MARCH 25, 2024

The campaign targeted organizations in many sectors, including the high-tech, finance, legal services and manufacturing industries. “The JScript file then drops a Base64-encrypted file and a batch file. . “The JScript file then drops a Base64-encrypted file and a batch file. ” concludes the report.

Malware 101

Malware Encryption Manufacturing Phishing 101

Security Affairs

JANUARY 6, 2024

It is one of the largest pharmaceutical companies globally, engaged in the research, development, manufacturing, and marketing of a wide range of healthcare products. Follow me on Twitter: @securityaffairs and Faceboo and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, NotPetya) Merck & Co., Merck filed a $1.4

Insurance 110

Insurance Manufacturing Ransomware Healthcare 110

Security Affairs

NOVEMBER 24, 2022

RansomExx operation has been active since 2018, the list of its victims includes government agencies, the computer manufacturer and distributor GIGABYTE , and the Italian luxury brand Zegna. ” reads the analysis published by IBM Security X-Force. SecurityAffairs – hacking, RansomExx ransomware). Pierluigi Paganini.

Ransomware 98

Ransomware Encryption Malware Manufacturing 98

Security Affairs

AUGUST 27, 2021

Braun ‘s Infusomat Space Large Volume Pump and SpaceStation that could be remotely hacked. The flaws were privately reported to the medical manufacturer on January 11 that addressed in B. SecurityAffairs – hacking, B. Braun Infusomat pumps could be hacked to alter medication doses appeared first on Security Affairs.

Hacking 105

Hacking Authentication Internet Internet 105

Security Affairs

AUGUST 29, 2021

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. SecurityAffairs – hacking, FIN8). The post 1 GB of data belonging to Puma available on Marketo appeared first on Security Affairs. Pierluigi Paganini.

Manufacturing 124

Manufacturing Data breaches Encryption Hacking 124

Security Affairs

DECEMBER 19, 2022

The Qilin ransomware-as-a-service (RaaS) group uses a double-extortion model, with most of the victims in the manufacturing and IT industries. The Rust variant has also been seen using intermittent encryption, one of the emerging tactics that threat actors use today for faster encryption and detection evasion.”

Ransomware 125

Ransomware Encryption Healthcare Education 125

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing 83

Manufacturing Ransomware Cyber Attacks Backups 83

Security Affairs

DECEMBER 27, 2021

At this time, it is not clear how threat actors compromised the QNAP devices, some users claim that attackers exploited a flaw in the Photo Station software to hack them. The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. SecurityAffairs – hacking, ech0raix).

Ransomware 124

Ransomware Encryption Manufacturing Hacking 124

Security Affairs

SEPTEMBER 20, 2020

manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. SecurityAffairs – hacking, IPG Photonics).

Ransomware 113

Ransomware Manufacturing Advertising Encryption 113

Security Affairs

AUGUST 9, 2021

In addition to the encryption of data, victims have received threats that data stolen during the incidents will be published.” Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. ransomware.

Ransomware 112

Ransomware Retail Manufacturing Encryption 112

Security Affairs

DECEMBER 7, 2020

Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. The hackers also claim to have stolen unencrypted files before encrypting the targeted systems. The hackers also claim to have stolen unencrypted files before encrypting the targeted systems.

Ransomware 76

Ransomware Manufacturing Encryption Hacking 76

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware can either fully or partially encrypt a file depending on its size and the ‘-ep’ parameter.

Ransomware 89

Ransomware Healthcare Antivirus Encryption 89

Security Affairs

MAY 15, 2023

Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. The ransomware supports intermittent encryption to speed up the encryption process. This process encrypts only a certain part of the source file’s contents, not the entire file.”

Ransomware 83

Ransomware Encryption Cybercrime Insurance 83

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.

Computers and Electronics 88

Computers and Electronics Ransomware Manufacturing Malware 88

Security Affairs

JANUARY 12, 2022

Upon executing the Omicron Stats.exe, it unpacks resources encrypted with triple DES using ciphermode ECB and padding mode PKCS7. ” Experts speculate RedLine Stealer will continue to take advantage of the ongoing COVID pandemic and the stolen information will continue to fuel underground cybercrime marketplaces. .

Malware 130

Malware Manufacturing Cryptocurrency Cybercrime 130

Security Affairs

JUNE 28, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. ” Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. and Brazil.

Ransomware 85

Ransomware Encryption Manufacturing Business Services 85

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

DNS 84

DNS Data breaches Hacking Backups 84

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware 93

Ransomware Healthcare Encryption Manufacturing 93

Security Affairs

MAY 11, 2021

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare. SecurityAffairs – hacking, Avaddon). Pierluigi Paganini.

Ransomware 129

Ransomware Backups Antivirus DDOS 129

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Focus on cyber security awareness and training.

Ransomware 97

Ransomware DDOS Passwords Backups 97

ForAllSecure

JUNE 8, 2022

Even so, the car manufacturers carved out large groups of codes. Since then, car manufacturers have improved on this. Certainly no one uses 40 bit encryption anymore. Welcome to The Hacker Mind, an original podcast from for all secure. It's about challenging our expectations about the people who hack for a living.

Hacking 52

Hacking Manufacturing Encryption Wireless 52

Security Affairs

JULY 15, 2022

The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies. The Holy Ghost ransomware appends the file extension.h0lyenc to filenames of encrypted files. SecurityAffairs – hacking, Holy Ghost ransomware). The threat actors asked victims to pay a ransom from 1.2

Ransomware 131

Ransomware Cryptocurrency Government Small Business 131

Security Affairs

AUGUST 21, 2021

The vulnerabilities were discovered by security Researcher Tsai orange from Devcore, the issues were awarded $ 200,000 during the April 2021 Pwn2Own hacking contest. ” The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors.

Ransomware 137

Ransomware Financial Services Hacking Encryption 137

Security Affairs

DECEMBER 28, 2021

The ransomware attack compromised parts of its network, including manufacturing and corporate systems. Shutterfly.com, Snapfish, Spoonflower, and TinyPrints websites were not affected by the security breach. The good news is that the security breach did not impact the financial information or social security numbers of the customers.

Ransomware 87

Ransomware Manufacturing Encryption Hacking 87

Security Affairs

JULY 5, 2023

Once inside the system, this malicious variant stealthily extracts sensitive information and proceeds to encrypt the compromised files.” Threat actors used reputable LinkedIn pages to target victims, including the Philippines Industrial Machinery Manufacturing Company and multiple organizations in Brazil.

Energy and Utilities 81

Energy and Utilities Ransomware Backups Malware 81

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. ” “As of today, LockBit are locked out.

Energy and Utilities 100

Energy and Utilities Ransomware Manufacturing Financial Services 100

Security Affairs

MARCH 26, 2021

Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization. Then the malware perform a scan in local directories and network shares for content to encrypt. SecurityAffairs – hacking, Hades ransomware).

Ransomware 139

Ransomware Encryption Malware VPN 139

Security Affairs

AUGUST 10, 2021

NAS servers are a privileged target for hackers because they normally store large amounts of data.The ransomware was targeting poorly protected or vulnerable NAS servers manufactured by QNAP, threat actors exploited known vulnerabilities or carried out brute-force attacks. SecurityAffairs – hacking, NAS). Pierluigi Paganini.

Ransomware 129

Ransomware Encryption Firmware Passwords 129

Security Affairs

OCTOBER 18, 2022

The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America. Spyder Loader loads AES-encrypted blobs to create the wlbsctrl.dll which acts as a next-stage loader that executes the content. SecurityAffairs – hacking, APT41).

Malware 108

Malware Encryption Manufacturing Hacking 108

Security Affairs

NOVEMBER 16, 2022

The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample. SecurityAffairs – hacking, APT). The post Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs appeared first on Security Affairs. ” continues the analysis.

Telecommunications 124

Telecommunications Manufacturing Malware Education 124

Security Affairs

AUGUST 15, 2020

Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. As a proof of the hack, Sodinokibi ransomware operators posted on their leak site multiple screenshots showing directories and files allegedly belonging to the company, and internal conversations between some employees.

Ransomware 112

Ransomware Advertising Encryption Hacking 112

Security Affairs

AUGUST 17, 2020

The company manufactures business and industrial imaging products, including copiers, laser printers, multi-functional peripherals (MFPs) and digital print systems for the production printing market. .” The ransomware encrypted the files and appended the ‘ K0N1M1N0’ extension appended to their filenames.

Technology 135

Technology Ransomware Advertising Encryption 135