Information Security, Malware, Manufacturing and Technology

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing

Manufacturing Ransomware Hacking Security Awareness

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

SEPTEMBER 21, 2023

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. Additionally, an exposed web server with known OS flavors could become a target for automated scanning tools, malware, and botnets.

Technology

Technology Internet Internet Manufacturing

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Security Affairs

MARCH 23, 2021

Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. Sierra Wireless announced it has halted its production at manufacturing facilities due to the ransomware attack, it is currently working to restart the production “soon.”.

Wireless

Wireless Manufacturing Ransomware Mobile

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke.

Banking

Banking Malware Manufacturing Business Services

BlackMatter ransomware gang hit Technology giant Olympus

Security Affairs

SEPTEMBER 13, 2021

Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Japan-headquartered Olympus manufactures optical and digital reprography technology for the medical and life sciences industries. Follow me on Twitter: @securityaffairs and Facebook.

Technology

Technology Ransomware Computers and Electronics Cybercrime

Technology giant Konica Minolta hit by a ransomware attack

Security Affairs

AUGUST 17, 2020

A ransomware attack has impacted the services at the business technology giant Konica Minolta for almost a week, the attack took place at the end of July. Konica Minolta is a Japanese multinational technology company headquartered in Marunouchi, Chiyoda, Tokyo, with offices in 49 countries worldwide. Pierluigi Paganini.

Technology

Technology Ransomware Advertising Encryption

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Cybercrime Malware Backups Manufacturing

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

Security Affairs

JULY 29, 2022

Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft researchers discovered that the FakeUpdates malware was being distributed via Raspberry Robin malware. The malware uses TOR exit nodes as a backup C2 infrastructure.

Malware

Malware Backups Manufacturing Accountability

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

Security Affairs

JUNE 1, 2023

The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. Casepoint legal technology platform used by the SEC, USDA and US Courts has allegedly been breached by BlackCat. “We have over 2TB of very sensitive data, lawyers, SEC, DoD, FBI, Police and more. .

Technology

Technology Hacking Ransomware Manufacturing

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.”

Government

Government Malware Telecommunications Cybercrime

Joker malware infected 538,000 Huawei Android devices

Security Affairs

APRIL 11, 2021

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. ” reads the post published by Dr. Web.

Malware

Malware Spyware Mobile Antivirus

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. It is a subsidiary of the partially state-owned Chinese company Wingtech Technology. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data.

Ransomware

Ransomware Manufacturing Hacking Insurance

Android mobile devices from top vendors in China have pre-installed malware

Security Affairs

FEBRUARY 9, 2023

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. Chinese manufacturers have yet to comment on the research. ” reads the paper published by the experts. could easily lead to the persistent tracking of users and the easy unmasking of their identities.

Mobile

Mobile Malware Surveillance Spyware

Microsoft: Raspberry Robin worm already infected hundreds of networks

Security Affairs

JULY 3, 2022

Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malware uses TOR exit nodes as a backup C2 infrastructure. SecurityAffairs – hacking, malware). Initial access is typically through infected removable drives, often USB devices.

Manufacturing

Manufacturing Malware Backups Technology

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.”

Government

Government Malware Telecommunications Cybercrime

Lockbit ransomware gang claims to have stolen data from Boeing

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61

Ransomware

Ransomware Manufacturing InfoSec Hacking

Raspberry Robin spotted using two new 1-day LPE exploits

Security Affairs

FEBRUARY 11, 2024

Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malware uses TOR exit nodes as a backup C2 infrastructure. The experts believe that the operators have access to an exploit seller or the malware authors have developed the exploits.

Malware

Malware Backups Manufacturing Hacking

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly. Smarter security is the rising tide that lifts all ships.

Risk

Risk Cybersecurity Technology CISO

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Other economically and technologically advanced countries consistently maintaining a presence in the top ten include Italy, Australia, and Spain. This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries. The data shows a shift in ransomware targets over the past three years.

Ransomware

Ransomware Manufacturing Retail Insurance

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware. APT32 also carried out watering hole attacks through compromised websites or their own sites.

Retail

Retail Malware Mobile Accountability

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon. ” reads the report published by Lumen Technologies. ” concludes the report.

Small Business

Small Business Technology VPN Manufacturing

Ongoing Raspberry Robin campaign leverages compromised QNAP devices

Security Affairs

JULY 9, 2022

Cybereason researchers are warning of a wave of attacks spreading the wormable Windows malware Raspberry Robin. Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malware uses TOR exit nodes as a backup C2 infrastructure.

Malware

Malware Manufacturing Backups Technology

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks.

IoT

IoT DDOS Architecture Internet

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” ” states the alert.

Ransomware

Ransomware Hacking Malware Encryption

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America. Symantec observed the attackers deploying a custom malware called Spyder Loader on the target networks. exe for the execution of the malware loader.

Malware

Malware Encryption Manufacturing Hacking

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The state of IoT is poor enough as it is, security wise. But manufacturers of agricultural equipment have spent the last few years locked in an automation arms race, and the side effects of this race are starting to show. Rise in malware. Install and regularly update anti-virus and anti-malware software on all hosts.

Ransomware

Ransomware Manufacturing Passwords Internet

APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries

Security Affairs

AUGUST 17, 2023

One of the PDFs delivered a variant of the Duke malware that has been linked to the Russian cyberespionage group APT29 (aka SVR group , BlueBravo , Cozy Bear , Nobelium , Midnight Blizzard , and The Dukes ). The experts detected two PDF files masqueraded as coming from the German embassy and that contained two diplomatic invitation lures.

Phishing

Phishing Small Business Malware Government

KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks

Security Affairs

NOVEMBER 14, 2022

Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials. Akamai Security Research discovered a new evasive Golang-based malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak login credentials.

DDOS

DDOS Malware Cryptocurrency Architecture

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” U.S.

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading. Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries.

Ransomware

Ransomware Computers and Electronics Manufacturing Advertising

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

OCTOBER 27, 2022

In October 2022, the malware was used in post-compromise activity attributed to another actor, DEV-0950 (which overlaps with FIN11 / TA505 cybercrime gang). In some cases, the attackers delivered the Truebot malware between the Raspberry Robin infection and the Cobalt Strike deployment. The final-stage malware was the Clop ransomware.

Ransomware

Ransomware Malware Data collection Encryption

Nefilim ransomware operators leak data stolen from Whirlpool

Security Affairs

DECEMBER 28, 2020

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The company has over 77,000 employees at 59 manufacturing & technology research centers worldwide and generated $20 billion in revenue for 2019.

Ransomware

Ransomware Manufacturing Marketing Mobile

Boeing confirmed its services division suffered a cyberattack

Security Affairs

NOVEMBER 2, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In mid-October, the Lockbit ransomware gang claimed to have hacked the technology services giant CDW. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).

Manufacturing

Manufacturing Ransomware Cybercrime Hacking

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Healthcare Education

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. We are in the final!

Manufacturing

Manufacturing Ransomware Cyber Attacks Backups

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Ransomware attackers often spend weeks or months inside of a target’s network before attempting to deploy malware across the network that encrypts servers and desktop systems unless and until a ransom demand is met. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job.

Hacking

Hacking Ransomware Banking Accountability

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. “Malware is delivered via a signed Comm100 installer that was downloadable from the company’s website.

Telecommunications

Telecommunications Insurance Manufacturing Healthcare

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

The products from multiple cybersecurity vendors started detecting the popular software as malware suggesting that the company has suffered a supply chain attack. The info stealer collects system information and gathers browser information from Chrome, Edge, Brave, and Firefox browsers.

Software

Software Malware Manufacturing Internet

Security Affairs newsletter Round 289

Security Affairs

NOVEMBER 15, 2020

million Texas drivers Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware CISA Chief Chris Krebs expects to be fired by the White House Schneider Electric published a security advisory on Drovorub Linux Malware. The post Security Affairs newsletter Round 289 appeared first on Security Affairs.

Data breaches

Data breaches Hacking Ransomware Malware

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Cybercrime Manufacturing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. The US government operation blocked access to the routers by Russian cyberspies. .”

Energy and Utilities

Energy and Utilities Government Firewall Malware

China-linked Flax Typhoon APT targets Taiwan

Security Affairs

AUGUST 25, 2023

The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with minimal use of malware. Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan.

VPN

VPN Manufacturing Education Hacking

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers.

Hacking

Hacking Firmware Encryption Manufacturing

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

However, Macron said that France will favor European providers of 5G technology due to security concerns. It’s normal that … we want a European solution” because of the importance of “the security of our communication,” Macron told reporters. ” reported the Associated Press agency.

Telecommunications

Telecommunications Advertising Technology Manufacturing

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Space and defense tech maker Exail Technologies exposes database access

Webinars

Trending Sources

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Webinars

TinyNuke banking malware targets French organizations

BlackMatter ransomware gang hit Technology giant Olympus

Technology giant Konica Minolta hit by a ransomware attack

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

Raspberry Robin malware used in attacks against Telecom and Governments

Joker malware infected 538,000 Huawei Android devices

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Android mobile devices from top vendors in China have pre-installed malware

Microsoft: Raspberry Robin worm already infected hundreds of networks

Raspberry Robin malware used in attacks against Telecom and Governments

Lockbit ransomware gang claims to have stolen data from Boeing

Raspberry Robin spotted using two new 1-day LPE exploits

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

Ransomware attacks break records in 2023: the number of victims rose by 128%

Facebook links cyberespionage group APT32 to Vietnamese IT firm

China-linked APT Volt Typhoon linked to KV-Botnet

Ongoing Raspberry Robin campaign leverages compromised QNAP devices

Updated Kmsdx botnet targets IoT devices

Cuba ransomware gang hacked 49 US critical infrastructure organizations

China-linked APT41 group targets Hong Kong with Spyder Loader

FBI warns of ransomware threat to food and agriculture

APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries

KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Steelcase office furniture giant hit by Ryuk ransomware attack

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Nefilim ransomware operators leak data stolen from Whirlpool

Boeing confirmed its services division suffered a cyberattack

FBI and CISA warn of attacks by Rhysida ransomware gang

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs newsletter Round 289

Law enforcement operation seized Ragnar Locker group’s infrastructure

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

China-linked Flax Typhoon APT targets Taiwan

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

France will not ban Huawei from its upcoming 5G networks

Stay Connected