2022, Education and Manufacturing - Information Management Today

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

e-Discovery

e-Discovery Communications Ransomware Government

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education

Education Government Libraries Mining

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

SEPTEMBER 20, 2024

The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.

Ransomware

Ransomware Manufacturing Education IT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. Middle East, and India.

Phishing

Phishing Manufacturing Education Cybersecurity

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government.

Government

Government Manufacturing Education Access

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

Communications

Communications Manufacturing Education Government

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Below is a video demo published by the researcher that shows how to exploit the flaw CVE-2023–1748 to obtain users’ info.

Manufacturing

Manufacturing Cybersecurity Education Authentication

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Access

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware IT Manufacturing Education

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Cybersecurity Agriculture Education

The source code of Zeppelin Ransomware sold on a hacking forum

Security Affairs

JANUARY 5, 2024

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. reads the joint advisory.

Ransomware

Ransomware Sales Encryption Cybersecurity

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

In November 2022, the U.S. On or about May 27, 2022, the man and his Hive coconspirators allegedly hit a nonprofit behavioral healthcare organization in New Jersey. The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Agriculture Education Government

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

According to the UK agency, data retrieved from the systems belonging to the ransomware gang revealed that from June 2022 to February 2024, the criminals gave orchestrated over 7,000 attacks. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. continues the NCA. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies. electronics manufacturers and distributors between approximately October 2012 and January 2022. Most of these items would have been unavailable to Russian end-users if ordered directly for shipment to Russia.”

Computer and Electronics

Computer and Electronics Military Manufacturing Government

NCR was the victim of BlackCat/ALPHV ransomware gang

Security Affairs

APRIL 16, 2023

It manufactures self-service kiosks, point-of-sale terminals, automated teller machines, check processing systems, and barcode scanners. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. the fashion giant Moncler and the Swissport.

Ransomware

Ransomware Sales Manufacturing Cybersecurity

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Other research by Cybernews has revealed that BMW , a German luxury vehicle manufacturer producing around 2.5 The issue causing the leak has been fixed.

Retail

Retail Manufacturing Communications Passwords

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” reads the press release published by DoJ.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Ransomware

Ransomware Security Manufacturing Cybersecurity

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.

Ransomware

Ransomware Encryption File names Cybersecurity

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. In December 2022, the US Department of Health and Human Services (HHS) warned healthcare organizations of Royal ransomware attacks. ” reads the alert. ” continues the alert.

Ransomware

Ransomware Encryption Cybersecurity Communications

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

In 2022, it partnered with NVidia, an American multinational technology company, to build the industrial metaverse. Having access, they could exfiltrate a treasure trove of sensitive data, given that Siemens manufactures and maintains a lot of technologies and machines used by critical infrastructure.”

IoT

IoT Manufacturing Authentication Ransomware

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. reads the alert.

Ransomware

Ransomware IT Encryption Education

3CX Supply chain attack allowed targeting cryptocurrency companies

Security Affairs

APRIL 4, 2023

SentinelOne is tracking the malicious activity as SmoothOperator, the company speculates that the threat actor behind the attack has set up its infrastructure starting as early as February 2022. The company started distributing digitally signed Trojanized installers to its customers. ” concludes Kaspersky.

Manufacturing

Manufacturing Cybersecurity Education Security

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

KmsdBot is an evasive Golang-based malware that was first detected by Akamai in November 2022, it infects systems via an SSH connection that uses weak login credentials. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT

IoT Mining Manufacturing Education

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Communications

Communications Manufacturing Access Archiving

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware

Ransomware Encryption Manufacturing Phishing

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. The Dallas City Council has approved a budget of $8.5 million to mitigate the ransomware attack. million to mitigate the May Royal ransomware attack appeared first on Security Affairs.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Following a successful debut in November 2022, Matter is picking up steam, Nelson told me. Consumer awareness is growing and evolving.

Security

Security Manufacturing Authentication Marketing

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

The Secure Boot mechanism allows the execution of only software that is trusted by the Original Equipment Manufacturer (OEM). Computer Education System Inc., ESET experts discovered the vulnerability in a UEFI application signed by MicrosoftsMicrosoft Corporation UEFI CA 2011third-party UEFI certificate. SANFONG Inc.,

Security

Security Manufacturing Education IT

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

Energy and Utilities

Energy and Utilities Sales Communications Data breaches

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

2022 will go down as the year where some semblance of normality returned. In total, we have so far reported more than 1,000 data breaches in 2022, with almost half a billion breached records. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

This allowed ESET researchers to identify devices previously used in a data center/ cloud computing business (specifically, a router provisioning a university’s virtualized assets), a nationwide US law firm, manufacturing and tech companies, a creative firm, and a major Silicon Valleybased software developer, among others.”

Authentication

Authentication Marketing Cloud Manufacturing

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. Last year, with a total share of 18% of all cyberattacks, it was the second most targeted industry, following manufacturing.

Personal data

Personal data Phishing Risk Communications

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

In the midst of all this, organisations across Europe have reported delays as a result of alleged state-sponsored attacks – including Toyota’s Japanese plants and a kettle manufacturer in the Isle of Man. Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below. Cyber attacks. Ransomware.

Data breaches

Data breaches Ransomware Government Blockchain

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

e-Discovery

e-Discovery Communications Ransomware Government

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

” The German interior ministry is making a census of components manufactured by Chinese suppliers that are used by national network operators. . “We have not been informed about a risk related to an energy management component by any authority,” Patrick Berger, Huawei’s head of media affairs told POLITICO.

Government

Government Communications Risk Cybersecurity

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

For any IoT device vendors currently contracted by the government, this is what we know so far from the National Institute of Standards and Technology (NIST): Required reading for IoT manufacturers: foundational guidelines about IoT vulnerabilities ( 8259 ) and a core baseline of necessary cybersecurity components ( 8259A ). Data protection.

IoT

IoT Cybersecurity Manufacturing Government

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

Companies with an annual revenue of US$250,000 to US$999,999 report feeling less prepared to deal with cyber risks in 2023 (76%) than they did in 2022 (70%). Beazley manages seven Lloyd’s syndicates and, in 2022, underwrote gross premiums worldwide of $5,268.7m. About Beazley. Beazley plc (BEZ.L) Beazley plc (BEZ.L)

Risk

Risk Insurance Energy and Utilities Marketing

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

35 TB of data exfiltrated from Henry Schein, plus ALPHV/BlackCat re-encrypted the newly restored files As we first reported last month , the US healthcare solutions provider Henry Schein announced on 15 October that it had suffered a cyber attack that caused disruption to its manufacturing and distribution businesses.

Data Privacy

Data Privacy Privacy Manufacturing Security

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

The Last Watchdog

FEBRUARY 20, 2023

One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. The Glenn County Office of Education in California suffered an attack limiting access to its own network. It’s best to stay away from paying out any funds in cryptocurrency or otherwise.

Ransomware

Ransomware Cleanup Education Manufacturing

China’s Volt Typhoon botnet has re-emerged

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Webinars

Trending Sources

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Webinars

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

China-linked APT Volt Typhoon linked to KV-Botnet

Operation Cronos: law enforcement disrupted the LockBit operation

Nexx bugs allow to open garage doors, and take control of alarms and plugs

FBI chief says China is preparing to attack US critical infrastructure

Money Message ransomware group claims to have hacked IT giant MSI

Cybersecurity agencies published a joint LockBit ransomware advisory

The source code of Zeppelin Ransomware sold on a hacking forum

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

A Russian national charged for committing LockBit Ransomware attacks

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

NCR was the victim of BlackCat/ALPHV ransomware gang

Volvo retailer leaks sensitive files

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

MSI confirms security breach after Money Message ransomware attack

New Linux Ransomware BlackSuit is similar to Royal ransomware

The U.S. CISA and FBI warn of Royal ransomware operation

Siemens Metaverse exposes sensitive corporate data

City of Dallas shut down IT services after ransomware attack

3CX Supply chain attack allowed targeting cryptocurrency companies

More details about Operation Cronos that disrupted Lockbit operation

Updated Kmsdx botnet targets IoT devices

Hyundai suffered a data breach that impacted customers in France and Italy

China-linked APT Volt Typhoon targets critical infrastructure organizations

Researchers Quietly Cracked Zeppelin Ransomware Keys

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

2022 Cyber Security Review of the Year

Hackers can hack organizations using data found on their discarded enterprise network equipment

Multinational ICICI Bank leaks passports and credit card numbers

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

China’s Volt Typhoon botnet has re-emerged

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

The IoT Cybersecurity Act of 2020: Implications for Devices

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

Stay Connected