This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Attackers infiltrated the supply chain, embedding malware in pre-installed apps. Doctor Web warns that the attackers gained access to the supply chain of a number of Chinese manufacturers of Android-based smartphones. The experts found malware-laced applications pre-installed on the phone. ” continues the report.
The discovery raises fears China may have installed covert malware in critical energy infrastructure across the US and Europe, enabling remote attacks during conflicts. experts who strip down equipment hooked up to grids to check for security issues, the two people said.” ” reported Reuters.
Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.
Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The group, which was previously undocumented, uses enterprise resource planning (ERP) software and remote desktops to deploy advanced malware, including CXCLNT and CLNTEND. ” concludes the report.
The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer. Acer, Lenovo, Dell, Toshiba, Hewlett-Packard and Fujitsu. It also licenses brands of its clients.
Funso Richard , InformationSecurity Officer at Ensemble , highlighted the gravity of these threats. These include ransomware targeting backend servers, distributed denial of service (DDoS) attacks, destructive malware, and even weaponizing charging stations to deploy malware.
Indian COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories was hit with a cyber attack that forced it to shut down its plants in Brazil, India, Russia, the U.K., In response to the security breach, the COVID-19 vaccine manufacturer has isolated all data center services. “In and the U.S. Pierluigi Paganini.
In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai. in newer ones.
Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Bombardier pointed out that manufacturing and customer support operations have not been impacted. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
. “The incident has caused disruptions and limitation of access to certain of the Company’s information systems and business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems.” The company will update disclosures if circumstances change.
Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. Sierra Wireless announced it has halted its production at manufacturing facilities due to the ransomware attack, it is currently working to restart the production “soon.”.
The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The post BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider appeared first on Security Affairs. Asahi Group Holdings, Ltd.
Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to be able of compromised 99% of devices in Europe. “The malware is fully automated, simplifying its deployment and operation.”
Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. SecurityAffairs – hacking, RedLine malware). This variant uses 207[.]32.217.89 as its C2 server through port 14588. 154.167.91
Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 Unfortunately, often manufacturers sell older OS versions as newer ones. million Android devices in 197 countries.
The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025.
The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke.
Researchers from Malwarebytes have found yet another phone with pre-installed malware via the Lifeline Assistance program sold in the United States. Researchers at Malwarebytes have found malware pre-installed on smartphones sold in the United States, this is the second time as documented in a report published in January.
The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the gangs Tor leak site, at least 182 companies are victims of the operation. The victims of the group are targets of opportunity.
US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices.
More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. ” reads the post published by Dr. Web.
” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. This quick compromise allows vehicles to be targeted during valet service, ride-sharing, or through USB malware. x) may also be vulnerable. ” concludes the report.
. “XE Group transitioned from credit card skimming to targeted information theft, marking a significant shift in their operational priorities.Their attacks now target supply chains in the manufacturing and distribution sectors, leveraging new vulnerabilities and advanced tactics.”
The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.
Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.
Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.
Researchers devised a series of attacks against SSDs that could allow to implant malware in a location that is not monitored by security solutions. Korean researchers devised a series of attacks against solid-state drives (SSDs) that could allow to implant malware in specific memory locations bypassing security solutions.
Ransomware attackers often spend weeks or months inside of a target’s network before attempting to deploy malware across the network that encrypts servers and desktop systems unless and until a ransom demand is met. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job.
Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang -based malware families. Two of these malware strains are remote access trojans (RATs), respectively tracked as NineRAT and “DLRAT” The former relies on Telegram bots and channels for C2 communications.
Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft researchers discovered that the FakeUpdates malware was being distributed via Raspberry Robin malware. The malware uses TOR exit nodes as a backup C2 infrastructure.
PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. ” states the report.
The authors signed Bootkitty with a self-signed certificate, thus the malware cannot run on systems with UEFI Secure Boot enabled unless the attackers’ certificates have been installed. Bootkitty bypasses UEFI Secure Boot by patching integrity verification functions in memory, allowing seamless Linux kernel booting.
The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, bulk explosives and initiating systems to meet its customer needs across the globe. .” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site.
A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.
A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved. ” concludes the report.
“The botnet exploits this vulnerability by injecting a payload that downloads and executes a cleartext shell dropper named dropbpb.sh, responsible for downloading the malware binaries and executing them on the compromised device.” 70) via HTTP on port 81. It processes encrypted data over a RAW socket, limiting further analysis.
The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack.
North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. KG is a German weapon manufacturer headquartered in Überlingen. By clicking on a malicious PDF, victims would unknowingly download malware, allowing the hackers to spy on their systems.”
Oomiya is focused on designing and manufacturing microelectronics and facility system equipment. The business of Omiya Kasei is divided into four major areas, manufacturing and designing chemical and industrial products, designing electronic materials, pharmaceutical development, and factory manufacturing.
“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. ” reported the website Nation Thailand.
Every week the best security articles from Security Affairs free for you in your email box. Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% If you want to also receive for free the newsletter with the international press subscribe here.
The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” . “Cloak primarily targets small to medium-sized businesses in Europe, with Germany as a key focus. ” reads a report published by Halcyon.
“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.”
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content