SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The attack starts with phishing emails purporting to be a court order or summons from an institution in Colombia’s judicial system.

Energy and Utilities

SecureWorld News

APRIL 23, 2025

As the report starkly states: "The three primary ways in which attackers access an organization are stolen credentials, phishing and exploitation of vulnerabilitiesacross every single industry." Phishing accounted for nearly 25% of all breaches. Public Sector: DoS attacks and ransomware remain major concerns. Speed matters.

CISO

Centraleyes

DECEMBER 16, 2024

Ransomware Still Reigns Supreme Ransomware attacks continue to plague organizations globally, and 2024 will be no different. Attackers are becoming more organized, with ransomware-as-a-service (RaaS) operations providing easy access to malicious tools for even novice cybercriminals.

Cybersecurity

Hacker's King

DECEMBER 24, 2024

AI-powered malware and phishing schemes can adapt to defenses in real time, making them harder to detect and counter. In 2025, insurers will refine their policies to cover new threats such as ransomware and supply chain attacks, providing businesses with financial safeguards against cyber losses.

Cybersecurity

SecureWorld News

MAY 14, 2025

Top cybercrime categories: Phishing/spoofing: 193,407 complaints Extortion: 86,415 complaints Personal data breaches: 64,882 complaints Cryptocurrency-related scams: Nearly 150,000 complaints involved cryptocurrency, accounting for $9.3 Other critical sectors, including manufacturing and government facilities, also faced significant threats.

Cybercrime

Digital Shadows

MARCH 17, 2025

This bypasses security barriers entirely, giving adversaries a direct path to infiltrate networks, steal data, and deploy ransomware undetected. Notably, 64% of VPN vulnerabilities are directly linked to ransomware campaigns, demonstrating how cybercriminals quickly monetize stolen credentials for profit.

VPN

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. This increase is likely driven by high employee turnover and easy access to phishing kits. Meanwhile, “RansomHub” is rising rapidly due to its attractive ransomware-as-a-service (RaaS) model.

Cyber Attacks

Security Boulevard

MARCH 21, 2025

NCSC) FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence (FBI) 4 - Groups call for IoT end-of-life disclosure law Manufacturers of internet-of-things (IoT) devices should be required by law to disclose the products theyre no longer supporting, so that customers are aware of the security risks those products pose.

Risk

SecureWorld News

JULY 17, 2025

Fortinet warns that nation-state and ransomware actors remain highly active, with manufacturing once again the most targeted sector. Alarmingly, AI-powered cybercrime is accelerating, with adversaries using it to scale phishing and evade detection. Despite the gains, the threat landscape is escalating.

CISO

SecureWorld News

JULY 10, 2025

Manufacturing and logistics firms, increasingly digitized and AI-driven, are acutely at risk: state-aligned hackers are "infiltrating the digital arteries of commerce" from ports to payment systems. Nation-state actors have experimented with implanting backdoors on hardware components during manufacturing—a nightmare scenario for detection.

Manufacturing

SecureList

NOVEMBER 28, 2024

Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails. Most of the infections were still at financial institutions in Vietnam, with one victim active in the manufacturing industry. In terms of victimology, there was little change.

Malware

SecureList

MARCH 13, 2025

Initial Access While previous Head Mare attacks relied solely on phishing emails with malicious attachments, they now also infiltrate victims’ infrastructure through compromised contractors with access to business automation platforms and RDP connections. 360nvidia[.]com; com; 45.156.27[.]115

Energy and Utilities

Digital Shadows

DECEMBER 5, 2024

One private equity CISO reported a 400% increase in phishing attempts on acquired companies post-M&A deal announcements. Responses suggested exploiting the information for insider trading, with one forum member comparing the potential profits to those from ransomware. Totaling an impressive $2.5 Another user recommended blackmail.

Cybersecurity

SecureWorld News

JULY 22, 2025

Nation-state actors are leveraging advanced AI and large language models (LLMs) to craft highly adaptive phishing campaigns, generate sophisticated malware, and conduct targeted ransomware attacks. As one expert noted, "The maritime industry's digital transformation has heightened the risk of cyberattacks."

Surveillance

Jane Frankland

JANUARY 12, 2025

Ransomware remains a prominent threat, but the methods have evolved. Double extortion ransomware is now a preferred techniquea devastating one-two punch where attackers not only encrypt a companys data but also steal sensitive information.

Cybersecurity

SecureList

DECEMBER 27, 2024

Percentage of ICS computers on which malicious objects were blocked in selected industries In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased across most industries, with the exception of the biometrics and manufacturing sectors. pp) and 1.97% (by 0.01 pp), respectively.

Malware

Webroot

OCTOBER 31, 2024

This year has seen ransomware groups adapt and innovate, pushing the boundaries of their malicious capabilities and evasiveness from law enforcement. The ransomware sector, in particular, has witnessed the emergence of “business models,” with ransomware-as-a-service (RaaS) dominating the scene.

Malware

SecureWorld News

MAY 8, 2025

Secure remote access to OT assets using virtual private networks (VPNs) with phishing-resistant multifactor authentication (MFA). The advisory also emphasizes the importance of regular communication with third-party managed service providers, system integrators, and system manufacturers to secure OT systems effectively.

Technology

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code.

Ransomware

Security Boulevard

JUNE 30, 2021

As automotive supply chains become more complex, automotive manufacturers are increasingly susceptible to a ransomware attack, according to a report from Black Kite. The post Ransomware in Auto Manufacturing Threatens Industry’s Recovery appeared first on Security Boulevard.

Manufacturing

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec. A now-deleted Tweet from Synoptek on Dec.

Ransomware

CSO Magazine

FEBRUARY 24, 2022

Ransomware and phishing were the top cybersecurity issues for businesses in 2021, according to IBM Security’s annual X-Force Threat Intelligence Index. To read this article in full, please click here

Manufacturing

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware

Security Affairs

MAY 11, 2021

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. “The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. . ” reads the alert published by ACSC.

Ransomware

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component. office in Austin, TX.

Social Engineering

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Hacking

CyberSecurity Insiders

DECEMBER 20, 2021

Clop Ransomware Group, a Russian based hacking gang, has published some data belonging to British Police on the dark web and stated that the act was a retaliation for not paying the demanded ransom. Based on the condition of anonymity, a source from Dacoll stated the incident took place in October 2021 via a phishing attack.

Ransomware

CyberSecurity Insiders

SEPTEMBER 12, 2021

Japan -based camera and binocular manufacturer Olympus that is also into the manufacturing of medical devices has revealed in an official statement that its servers were targeted by BlackMatter Ransomware group that could have disrupted the computers systems in network operating in Middle East, Europe and Africa.

Ransomware

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware

Security Affairs

AUGUST 8, 2024

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint advisory on the BlackSuit Ransomware group. The update includes new TTPs, IOCs, and detection methods related to BlackSuit ransomware.

Ransomware

Malwarebytes

AUGUST 25, 2022

September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. United States manufacturing threat family detections by month. United States manufacturing family threat detections pie chart.

Manufacturing

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware

Security Affairs

MARCH 8, 2020

The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend. SecurityAffairs – hacking, Ryuk ransomware).

Ransomware

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware

SecureWorld News

JULY 1, 2020

Phishing emails are increasingly attempting to launch ransomware attacks against organizations. This includes a newly discovered family, or strain of ransomware, called Avaddon. Proofpoint research: rise in email based ransomware. Throughout June, security researchers noticed an increase in email-based ransomware attacks.

Ransomware

CyberSecurity Insiders

OCTOBER 27, 2022

Microsoft, the technology giant of America, has linked Clop Ransomware gang’s whereabouts to a corporate network that was previously hit by Raspberry Robin worm. BlackCat Ransomware aka ALPHV Ransomware is claiming to have a hands-on the information belonging to soldiers of Ecuadorian Joint Command of the Armed Forces.

Ransomware