Cybercrime, Manufacturing and VPN - Cyber Security Informer

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

A cyberattack on the Virginia Attorney Generals Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings. The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.”

Ransomware

Ransomware Hacking Social Engineering VPN

Why you need to trust your VPN: Lock and Code S02E05

Malwarebytes

MARCH 29, 2021

In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things. Source: ComputerWeekly).

VPN

VPN Internet Internet Manufacturing

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

“In one year, people who worked with us have earned over US $2 billion,” read the farewell post by the eponymous GandCrab identity on the cybercrime forum Exploit[.]in That email address and nickname had been used since 2009 to register multiple identities on more than a half dozen cybercrime forums. Vpn-service[.]us

Ransomware

Ransomware Accountability Cybercrime Passwords

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The malicious code can also act as a first-stage malware. Pierluigi Paganini.

Malware

Malware Manufacturing Cryptocurrency Cybercrime

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams

Scams DDOS Cryptocurrency Accountability

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike.

Hacking

Hacking VPN Advertising Government

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Spyware

Spyware Manufacturing Small Business Surveillance

Avaddon ransomware campaign prompts warnings from FBI, ACSC

Malwarebytes

MAY 11, 2021

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware. Additional threats.

Ransomware

Ransomware VPN Encryption Cybercrime

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

anti-cybercrime (Ofac).” The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Hacking Engineering Manufacturing

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN

VPN Ransomware Manufacturing IoT

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Security Affairs newsletter Round 421 by Pierluigi Paganini – International edition

Security Affairs

MAY 27, 2023

New Buhti ransomware operation uses rebranded LockBit and Babuk payloads New PowerExchange Backdoor linked to an Iranian APT group Dark Frost Botnet targets the gaming sector with powerful DDoS New CosmicEnergy ICS malware threatens energy grid assets D-Link fixes two critical flaws in D-View 8 network management suite Zyxel firewall and VPN devices (..)

Cybercrime

Cybercrime Ransomware Malware Hacking

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. of incidents), exploiting vulnerabilities in public-facing applications and using initial access provided by access brokers and harvesting VPN credentials from stealer logs.

Ransomware

Ransomware VPN Manufacturing Healthcare

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

For instance, suppose firewall manufacturer ACME Inc. For instance, suppose firewall manufacturer ACME Inc. While this service facilitates the setup of VPN systems in the absence of a static IP, it inadvertently encourages the exposure of the appliance’s administrative interface to the Internet.

DNS

DNS Manufacturing Firewall Internet

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Manufacturing Healthcare Education

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2%

Spyware

Spyware Energy and Utilities Malware Engineering

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Telecommunications Technology Government

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Cyber Attacks Technology Manufacturing

Spyware in the IoT – the Biggest Privacy Threat This Year

SiteLock

AUGUST 27, 2021

The consequences of which are not only born by companies who are the primary targets of cybercrime. To help avoid these online risks, it is highly recommended to use a Virtual Private Network (VPN). VPNs are the baseline cybersecurity tool to safeguard internet-enabled devices and a home network. Update, Update, Update.

IoT

IoT Spyware VPN Passwords

Interpol warns that crooks are increasingly targeting hospitals

Security Affairs

APRIL 7, 2020

According to experts from Group-IB, Russian-speaking threat actors targeted at least two companies in Western Europe in the pharmaceutical and manufacturing industries. A few days ago, Microsoft warned dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online.

Healthcare

Healthcare Ransomware Backups Advertising

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Passwords VPN

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Security Affairs

AUGUST 28, 2024

During a recent investigation, Talos IR observed that the threat actor gained initial access to the victim’s organization using valid credentials to log into their VPN. ” The BlackByte’s victimology shows that over 32 percent of known victims are in the manufacturing industry vertical.

Ransomware

Ransomware Authentication Encryption VPN

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Encryption VPN Manufacturing

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware DDOS Passwords Backups

2023: A Year of Record-Breaking Data Breaches

Identity IQ

DECEMBER 20, 2023

The methods used by cybercriminals in 2023 varied with cyberattacks, physical attacks, and system errors targeting everything from critical infrastructure to manufacturing to healthcare databases. This signals a new era of cybercrime where private data becomes prized currency, putting every email address and credit card number at risk.

Data breaches

Data breaches Identity Theft Cybercrime Social Engineering

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Security Affairs

NOVEMBER 18, 2022

The authorities reported that from June 2021 through at least November 2022, threat actors employed the Hive ransomware in attacks aimed at a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

Cyber Best Practices for Overseas Asset Security

SecureWorld News

OCTOBER 22, 2023

If you are already familiar with the evolving cyber threat landscape in your home country, you’ll know that humans are often the most exploited attack vector for cybercrime, and how frequently small businesses are breached. So, how exactly are these challenges exacerbated when moving your operations beyond borders?

Penetration Testing

Penetration Testing Risk Cyber threats Marketing

Understanding CVSS: Applications of The Common Vulnerability Scoring System

CyberSecurity Insiders

AUGUST 13, 2022

Vulnerability threat management is critical because cybercrime is a constant and global risk. While developers should test their products, assess for vulnerabilities, and fix them before release, end users should also have a robust plan for vulnerability threat management to protect themselves from the damaging repercussions of cybercrime.

Software

Software Risk Cybercrime Small Business

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

The US, manufacturing sector, and professional, scientific, and technical services (PSTS) sector are primary targets amidst an overall increase in ransomware attacks. Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. Access sellers.

Ransomware

Ransomware Encryption Malware Cybercrime

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Key Points In October 2024, ReliaQuest responded to an intrusion affecting a manufacturing sector customer. In October 2024, ReliaQuest investigated an intrusion for a customer in the manufacturing sector. Exploiting VPN and ESXi for Undercover Operations At this stage of the attack, visibility was lost as unmanaged devices were used.

Social Engineering

Social Engineering Engineering Accountability Backups

7 Ransomware Predictions for 2025: From AI Threats to New Strategies

Security Boulevard

JANUARY 29, 2025

The ThreatLabz 2024 Ransomware Report revealed that the energy sector saw a 500% year-over-year spike in ransomware, while manufacturing, healthcare, and education were among the top 5 most targeted industriestrends that we expect will persist in the year ahead.

Ransomware

Ransomware Social Engineering Architecture Risk

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Key Points In October 2024, ReliaQuest responded to an intrusion affecting a manufacturing sector customer. In October 2024, ReliaQuest investigated an intrusion for a customer in the manufacturing sector. Exploiting VPN and ESXi for Undercover Operations At this stage of the attack, visibility was lost as unmanaged devices were used.

Social Engineering

Social Engineering Engineering Accountability Backups

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

The US, manufacturing sector, and professional, scientific, and technical services (PSTS) sector are primary targets amidst an overall increase in ransomware attacks. Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

APT trends report Q3 2023

SecureList

OCTOBER 17, 2023

The group’s campaigns target governments, military entities, utilities, financial institutions, manufacturing companies and defense contractors worldwide. These variants go beyond Ligolo’s standard functionality and attempt to emulate VPN solutions from Cisco and Palo Alto.

Malware

Malware Government VPN Manufacturing

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The past year — a harrowing period for the world economy — culminated in the spike of cybercrime. The most severe financial damage has occurred as a result of ransomware activity.

Banking

Banking Ransomware Phishing Marketing

APT trends report Q1 2021

SecureList

APRIL 27, 2021

We investigated a long-running espionage campaign, dubbed A41APT, targeting multiple industries, including the Japanese manufacturing industry and its overseas bases, which has been active since March 2019. We attribute this activity to APT10 with high confidence.

Malware

Malware Government Spyware Social Engineering

Leaked Black Basta chat logs reveal the gang’s operations

Security Affairs

FEBRUARY 24, 2025

Researchers found they prioritized VPN exploits and maintained a shared victim spreadsheet. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. This leak closely resembles the previous Conti leaks.” One member was identified as a 17-year-old. One member is a 17-year-old.

Social Engineering

Social Engineering Ransomware Scams Engineering

Cloak ransomware group hacked the Virginia Attorney General’s Office

Why you need to trust your VPN: Lock and Code S02E05

Trending Sources

Who’s Behind the GandCrab Ransomware?

New RedLine malware version distributed as fake Omicron stat counter

Interview With a Crypto Scam Investment Spammer

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs newsletter Round 377

Avaddon ransomware campaign prompts warnings from FBI, ACSC

French authorities arrested a Russian national for his role in the Hive ransomware operation

Rhysida ransomware gang claimed China Energy hack

Security Affairs newsletter Round 326

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs newsletter Round 421 by Pierluigi Paganini – International edition

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

FBI and CISA warn of attacks by Rhysida ransomware gang

PseudoManuscrypt, a mysterious massive cyber espionage campaign

FBI chief says China is preparing to attack US critical infrastructure

Rhysida ransomware gang is auctioning data stolen from the British Library

Spyware in the IoT – the Biggest Privacy Threat This Year

Interpol warns that crooks are increasingly targeting hospitals

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Researchers released a free decryption tool for the Rhysida Ransomware

Avoslocker ransomware gang targets US critical infrastructure

2023: A Year of Record-Breaking Data Breaches

Hive Ransomware Tor leak site apparently seized by law enforcement

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Cyber Best Practices for Overseas Asset Security

Understanding CVSS: Applications of The Common Vulnerability Scoring System

Top Cyber Attacker Techniques, August–October 2024

Ransomware world in 2021: who, how and why

Scattered Spider x RansomHub: A New Partnership

7 Ransomware Predictions for 2025: From AI Threats to New Strategies

Scattered Spider x RansomHub: A New Partnership

Top Cyber Attacker Techniques, August–October 2024

APT trends report Q3 2023

Group-IB Hi-Tech Crime Trends 2020/2021 report

APT trends report Q1 2021

Leaked Black Basta chat logs reveal the gang’s operations

Stay Connected