Remove Manufacturing Remove Ransomware Remove VPN
article thumbnail

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN 133
article thumbnail

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. Chief Deputy AG Steven Popps called it a sophisticated attack.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Who’s Behind the GandCrab Ransomware?

Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

article thumbnail

Cring Ransomware spreading because of Fortinet vulnerability

CyberSecurity Insiders

European Enterprises mainly involved in manufacturing are being targeted by a new strain of Ransomware dubbed as Cring and confirmed sources say that the malware is being spread by exploitation of Fortinet VPN Vulnerability.

article thumbnail

China’s Volt Typhoon botnet has re-emerged

Security Affairs

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

VPN 121
article thumbnail

Rhysida ransomware gang claimed China Energy hack

Security Affairs

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

article thumbnail

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Hacking 138