Hot for Security

JUNE 2, 2021

In the early days of ransomware things were fairly simple: malware would infect your company’s infrastructure, encrypting your valuable data with a secret key that was only known to your attackers. If you had shown the foresight of making secure backups in advance, you could get back up and running again.

Encryption 138

Encryption Ransomware Backups Hacking 138

eSecurity Planet

MARCH 17, 2025

Since its emergence in 2021, Medusa has targeted over 300 victims across various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing. Attackers employ a double extortion strategy, encrypting victim data and threatening to publicly release it if the ransom is unpaid.

Ransomware 75

Ransomware Backups Firmware Insurance 75

Krebs on Security

OCTOBER 28, 2020

Ransomware attackers often spend weeks or months inside of a target’s network before attempting to deploy malware across the network that encrypts servers and desktop systems unless and until a ransom demand is met. He declined to comment on the particulars of the extortion incident.

Hacking 357

Hacking Ransomware Banking Accountability 357

CyberSecurity Insiders

SEPTEMBER 12, 2021

Japan -based camera and binocular manufacturer Olympus that is also into the manufacturing of medical devices has revealed in an official statement that its servers were targeted by BlackMatter Ransomware group that could have disrupted the computers systems in network operating in Middle East, Europe and Africa.

Ransomware 128

Ransomware Manufacturing Backups Encryption 128

CyberSecurity Insiders

APRIL 9, 2021

European Enterprises mainly involved in manufacturing are being targeted by a new strain of Ransomware dubbed as Cring and confirmed sources say that the malware is being spread by exploitation of Fortinet VPN Vulnerability.

Ransomware 140

Ransomware VPN Manufacturing Backups 140

Security Affairs

MAY 11, 2021

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware 138

Ransomware Backups Antivirus DDOS 138

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” The attackers are also spotted manually disabling and encrypting virtual machines.

Ransomware 68

Ransomware Encryption Cryptocurrency Insurance 68

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT.

Ransomware 140

Ransomware Encryption Backups Malware 140

Security Affairs

AUGUST 9, 2021

In addition to the encryption of data, victims have received threats that data stolen during the incidents will be published.” Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. ransomware.

Ransomware 120

Ransomware Retail Manufacturing Encryption 120

Security Affairs

JANUARY 16, 2022

The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3 (Hybrid Backup Sync).” Then it also deletes snapshots to prevent restoring of data from the backups and drops a ransom note (named !!!READ_ME.txt) The malicious code appends.encrypt extension to filenames of encrypted files.

Ransomware 139

Ransomware Encryption Backups Firmware 139

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware 145

Ransomware Encryption Passwords Malware 145

Malwarebytes

JULY 26, 2022

Part 1: Your data has been encrypted! Part 1: Your data has been encrypted! As you can see, our files have in fact been encrypted by the ransomware across multiple directories with the “ encrypt ” extension. encrypted versions of the same file. . The post Demo: Your data has been encrypted!

Encryption 86

Encryption Ransomware Backups Firewall 86

Security Affairs

AUGUST 15, 2020

Based in Louisville, Kentucky, it manufactures several well-known brands throughout the world, including Jack Daniel’s, Early Times, Old Forester, Woodford Reserve, GlenDronach, BenRiach, Glenglassaugh, Finlandia, Herradura, Korbel, and Chambord. “Brown-Forman was the victim of a cybersecurity attack.

Ransomware 144

Ransomware Advertising Hacking Encryption 144

eSecurity Planet

OCTOBER 5, 2021

Data backup. The first is high-integrity, air-gapped data backups , which is the quickest and cheapest way to recover from an attack. The focus is on recovering deleted and encrypted files as quickly as possible. Also offers virtual disk repair, database repair, backup file repair, deleted file recovery. Proven Data.

Ransomware 139

Ransomware Backups Encryption Insurance 139

Herjavec Group

SEPTEMBER 24, 2021

Olympus A manufacturer of optics, endoscopy, and reprography products. Citrocasa GmbH A machining manufacturer. Manufacturing Austria. Pramer Baustoffe GmbH A construction material and tool supplier Manufacturing Austria. Recent targets include: . Name Descirption Industry Country. Health Care Equipment Japan.

Ransomware 109

Ransomware Manufacturing Encryption Energy and Utilities 109

CyberSecurity Insiders

SEPTEMBER 20, 2021

Encryption and data backup. Data encryption is a protection strategy that renders data useless even when an intruder accesses it. Encrypting all your company’s sensitive data and private information ensures that it’s protected from data breaches.

Cybersecurity 121

Cybersecurity Insurance Passwords Encryption 121

CyberSecurity Insiders

FEBRUARY 2, 2023

To those new to QNAP, the company is into the manufacturing of network attacks storage devices and has been constantly facing issued regarding security for the past 2 years. So, such appliances can not only serve as simple file servers or backup nodes, but can also serve as computing servers for basic needs. S SSD support.

Ransomware 119

Ransomware Backups Manufacturing Encryption 119

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. ” reads the report published by the company.

Ransomware 118

Ransomware DDOS Passwords Backups 118

Hacker Combat

JUNE 2, 2022

The factory specializes in manufacturing, consumer electronics, medical devices, and industrial operations. Based in Tijuana, Mexico, near the California border, the facility is an electronics manufacturing giant employing 5,000 people. To detect attacks, scan all emails and conduct regular data backups. using the LockBit 2.0

Ransomware 132

Ransomware Manufacturing Antivirus Cyber Risk 132

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing 98

Manufacturing Ransomware Cyber Attacks Backups 98

eSecurity Planet

APRIL 6, 2023

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. These keys are available to the attacker, and the encryption can only be decrypted using a private key. How Does Ransomware Work?

Ransomware 98

Ransomware Backups Encryption Malware 98

Malwarebytes

AUGUST 16, 2022

While anyone can fall victim to these threat actors, the FBI noted that this malware has been used to target a wide range of businesses and critical infrastructure organizations, including defense contractors, educational institutions, manufacturers, technology companies, and especially organizations in the healthcare and medical industries.

Ransomware 97

Ransomware Backups Passwords Authentication 97

Security Affairs

OCTOBER 13, 2020

As an example, we could use communications between systems that are not properly encrypted. Improper encryption. Hackers or other malicious sources can intercept poorly encrypted communications on the web. The Flaws in Manufacturing Process. Before the device applies the update, it sends a backup to the servers.

IoT 142

IoT Cybersecurity Manufacturing Internet 142

CyberSecurity Insiders

JULY 6, 2022

What’s surprising in this finding is that the said file-encrypting malware is being spread since May 2021 and was being targeted mainly at healthcare and public healthcare organizations.

Ransomware 88

Ransomware Healthcare Encryption Backups 88

Malwarebytes

MAY 11, 2021

The FBI states that is has received notifications of unidentified cyber actors using Avaddon ransomware against US and foreign private sector companies, manufacturing organizations, and healthcare agencies. Avaddon ransomware performs an encryption in offline mode using AES-256 + RSA-2048 to encrypt files. Free decryptor.

Ransomware 128

Ransomware VPN Encryption Cybercrime 128

Malwarebytes

OCTOBER 27, 2023

ALPHV was the third most used RaaS between October 2022 - September 2023 ALPHV is a typical RaaS group where several criminal organizations work together to extort victims for data theft and/or encryption of important files. Stop malicious encryption. Create offsite, offline backups.

Social Engineering 122

Social Engineering Engineering Ransomware Backups 122

Security Affairs

JULY 11, 2019

The ransomware targets poorly protected or vulnerable NAS servers manufactured by Taiwan-based QNAP Systems, attackers exploits known vulnerabilities or carry out brute-force attacks. encrypt extension to filenames of encrypted files. encrypt extension to filenames of encrypted files. The malicious code appends.

Ransomware 111

Ransomware Encryption Malware Advertising 111

Malwarebytes

MAY 24, 2023

Entry for Rheinmetall on BlackBasta leak site Rheinmetall’s main activities are in the automobile industry and weapons manufacturing, and it descibes itself as one of the world’s largest manufacturers of military vehicles and ammunition. After the data is copied, the ransomware encrypts files and gives them the ".basta"

Ransomware 97

Ransomware Backups Manufacturing Encryption 97

Malwarebytes

FEBRUARY 9, 2024

Stop malicious encryption. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Use EDR or MDR to detect unusual activity before an attack occurs.

Software 145

Software Ransomware Backups Manufacturing 145

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. The good news is in the latter attack the victims restored its backups. The most clamorous attack against the sector was orchestrated by the REvil gang against JBS Foods disrupting its operations.

Ransomware 118

Ransomware Passwords Backups Firmware 118

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. The audio maker confirmed that it did not pay any ransom and recovered the encrypted files from its backups with the support of third-party cybersecurity experts.

Ransomware 137

Ransomware Malware Cyber Attacks Backups 137

Security Affairs

JULY 5, 2023

Once inside the system, this malicious variant stealthily extracts sensitive information and proceeds to encrypt the compromised files.” Threat actors used reputable LinkedIn pages to target victims, including the Philippines Industrial Machinery Manufacturing Company and multiple organizations in Brazil.

Energy and Utilities 98

Energy and Utilities Ransomware Backups Malware 98

Hacker Combat

APRIL 1, 2021

Ransomware is malicious software used by hackers to access and encrypt computers and computer networks. As the owner of the device or computer network, the encryption locks you out until you pay the demanded ransom. Once the links in the email are clicked, the ransomware downloads and encrypts the device, locking the user out.

Ransomware 90

Ransomware Backups Social Engineering Passwords 90

SecureList

MAY 25, 2021

Several versions were released as part of each “rebranded” variant that altered different aspects of the code, renamed file extensions, cryptographic schemes and encryption keys. In addition, it deletes all system backups, shadow copies, disables the system recovery mode, and clears event logs. Encryption flaws.

Ransomware 140

Ransomware Encryption Malware Energy and Utilities 140

CyberSecurity Insiders

JUNE 29, 2023

Granules, the Indian Pharmaceutical company that manufactures Paracetamol has released an official statement that a ransomware attack that targeted its servers last month has resulted in substantial loss of revenue and profitability.

Ransomware 83

Ransomware Backups Encryption Manufacturing 83

SecureList

APRIL 25, 2025

Neither payload is encrypted. Loading the configuration All field values within the configuration are encrypted using AES-128 in ECB mode and then encoded with Base64. If errors occur, it uses durl2 and durl3 as backup links. Before being sent, the data is encrypted using AES-128 in CBC mode and then encoded with Base64.

Malware 84

Malware Cryptocurrency Firmware Accountability 84

Malwarebytes

FEBRUARY 19, 2023

Applied Materials, one of the world’s leading suppliers of equipment, services, and software for the manufacture of semiconductors, has warned that its second-quarter sales are likely to be hurt to the tune of $250 million due to a cybersecurity attack at one of its suppliers. Stop malicious encryption. MKS Instruments Inc.

Ransomware 98

Ransomware Backups Manufacturing Marketing 98