Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Security experts from FireEye linked the cyber attacks to the cybercrime group UNC2546, aka FIN11. Bombardier pointed out that manufacturing and customer support operations have not been impacted.
However, industries reliant on shared devices—such as healthcare, retail, and manufacturing—face unique challenges. Similarly, in retail and manufacturing, delays caused by authentication procedures reduce overall efficiency. These fast-paced environments need a more flexible approach to balance security, speed, and user privacy.
Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattack. The attackers have infiltrated data from the company systems before encrypting a portion of the internal network. ” reads a data breach notice published by the company. Pierluigi Paganini.
based Zaun, a manufacturer of high-security perimeter fencing—revealing critical vulnerabilities in manufacturing networks. Zaun's cybersecurity systems managed to thwart the encryption of its servers, preventing further catastrophic damage. In a recent cyberattack, the LockBit ransomware group targeted U.K-based
The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” The group uses an ARCrypter ransomware variant, derived from Babuk's leaked code, to encrypt files after infiltrating a network.
And get the latest on ransomware trends and on cybercrime legislation and prevention! American Scientist) Quantum and the Threat to Encryption (SecurityWeek) Quantum Computing Advances in 2024 Put Security In Spotlight (Dark Reading) Quantum computing could threaten cybersecurity measures.
The experts pointed out that this Mirai variant has been modified to use improved encryption algorithms. Hardware manufacturers do not always issue patches for retired devices, and the manufacturer itself may sometimes be defunct. The Mirai variant incorporates ChaCha20 and XOR decryption algorithms. ” concludes the report.
The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. ” In a lengthy thread about the LockBit takedown on the Russian-language cybercrime forum XSS, one of the gang’s leaders said the FBI and the U.K.’s
“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. Generation of target list of extensions and folders to encrypt. ” reported the website Nation Thailand.
The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.
Unfortunately, manufacturers often sell older OS versions as newer ones. Vo1d botnet has enhanced its stealth and resilience with RSA encryption to secure communication, preventing C2 takeover. By sharing our findings, we aim to contribute to the fight against cybercrime and raise awareness of this formidable threat.”
As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” The attackers are also spotted manually disabling and encrypting virtual machines.
Quantum Computing Threats While quantum computing offers immense potential, it also poses a serious risk to traditional encryption methods. Hackers with access to quantum technology could potentially break existing cryptographic protocols, necessitating the development of quantum-resistant encryption.
But if your hard drive crashes, your laptop gets stolen, or you fall victim to cybercrime, the loss can be devastating. Backing up your data simply means creating copies of your important files and storing them in secure, encrypted locations. Ensures that your valuable data is encrypted, secure, and accessible when you need it.
Upon executing the Omicron Stats.exe, it unpacks resources encrypted with triple DES using cipher mode ECB and padding mode PKCS7. ” Experts speculate RedLine Stealer will continue to take advantage of the ongoing COVID pandemic and the stolen information will continue to fuel underground cybercrime marketplaces.
The malware kills previous instances, deletes itself to evade detection, reads system configuration files, and establishes an encrypted C2 channel on port 82. It processes encrypted data over a RAW socket, limiting further analysis. The shell module enables backdoor access for data exfiltration and persistence.
“According to Vladimir Kononovich, some manufacturers rely on security through obscurity, with proprietary protocols that are poorly studied and the goal of making it difficult for attackers to procure equipment to find vulnerabilities in such devices. Wincor is currently owned by ATM manufacturer giant Diebold Nixdorf.
Launched in 2008, privnote.com employs technology that encrypts each message so that even Privnote itself cannot read its contents. com is currently selling security cameras made by the Chinese manufacturer Hikvision, via an Internet address based in Hong Kong. The real Privnote, at privnote.com. com include privnode[.]com
Phobos variants are usually distributed by the SmokeLoader, but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT.
Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension.
Like other ransomware operations, BlackMatter also set up its leak site where it will publish data exfiltrated from the victims before encrypting their system. Japan-headquartered Olympus manufactures optical and digital reprography technology for the medical and life sciences industries.
The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder.
Encryption and data backup. Data encryption is a protection strategy that renders data useless even when an intruder accesses it. Encrypting all your company’s sensitive data and private information ensures that it’s protected from data breaches.
Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. Avaddon ransomware performs an encryption in offline mode using AES-256 + RSA-2048 to encrypt files. Free decryptor.
The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. The ransomware, tracked by Intezer as “QNAPCrypt” and “eCh0raix” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. TXTT” extension. 024 ($1,200) up to.06
The experts exploited the vulnerability to reconstruct encryption keys and developed a decryptor that allows victims of the Rhysida ransomware to recover their encrypted data for free. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.
The cybercrime group claims to have stolen 1 TB of data from the hospital and threatens to leak it. The message published by the gang on its leak site emphasizes that they didn’t encrypt data to avoid causing malfunctions to the hospital’s medical equipment.
The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.
Taiwanese electronics manufacturing company Delta Electronics was hit by a Conti ransomware attack that took place this week. According to CTWANT, which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.
“The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.”
The ransomware encrypted files and renamed them by adding the “easy2lock” extension; this extension was previously associated with recent WastedLocker ransomware infections. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.
Good news for the victims of the Avaddon ransomware gang: the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. “The Avaddon ransomware encrypts victim’s files using AES-256 and RSA-2048, and appends a random extension,” states Emsisoft.
Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. The ransomware supports intermittent encryption to speed up the encryption process. This process encrypts only a certain part of the source file’s contents, not the entire file.”
509 [2] certificates) and encrypted, authenticated connections (TLS [3] and its precursor, SSL [4] ). For instance, suppose firewall manufacturer ACME Inc. It also integrates an ACME client for automatic certificate generation via Let’s Encrypt [8]. When combined with an ACME client that automatically generates an X.509
The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. Pierluigi Paganini.
NAS servers are a privileged target for hackers because they normally store large amounts of data. The ransomware was targeting poorly protected or vulnerable NAS servers manufactured by QNAP, threat actors exploited known vulnerabilities or carried out brute-force attacks.
RansomExx operation has been active since 2018, the list of its victims includes government agencies, the computer manufacturer and distributor GIGABYTE, and the Italian luxury brand Zegna. The ransomware iterates through the specified directories, enumerating and encrypting files. ” concludes the report.
The encryption scheme it uses, however, is not so typical, as it involves x25519 and AES, a combination not often encountered in ransomware schemes. Black Basta supports the command line argument “-forcepath” that is used to encrypt only files in a specified directory. Command line options available in Luna. Conclusion.
“According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications. “The leaked documents include a contract between the Swiss Department of Defence and the US company for almost $5 million (CHF 4.28 ” reported the SwissInfo website.
The cybercrime marketplace also continued to get more robust while the barrier to entry for malicious actors continued to drop. This has created a perfect breeding ground for aspiring cybercriminals and organized cybercrime groups that support newcomers with venture capitalist-style funding. “As Consumers also remain at risk.
Entry for Rheinmetall on BlackBasta leak site. Rheinmetall’s main activities are in the automobile industry and weapons manufacturing, and it describes itself as one of the world’s largest manufacturers of military vehicles and ammunition. After the data is copied, the ransomware encrypts files and gives them the ".basta"
French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.
The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors. Once the files are encrypted, the ransomware will append the .lockfile extension to the encrypted files’ names.
DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. The experts noticed that threat actors tracked as DEV-0950 used Clop ransomware to encrypt the network of organizations previously infected with the worm.