Remove 2024 Remove Education Remove Manufacturing
article thumbnail

China’s Volt Typhoon botnet has re-emerged

Security Affairs

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

article thumbnail

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

Return here for more information at: 11:30 GMT on Tuesday 20th Feb” The Operation Cronos operation is still ongoing and NCA’s announced that more information will be published tomorrow, February 20, 2024. “The site is now under the control of law enforcement.

article thumbnail

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

Security Affairs

— Port of Seattle – (@PortofSeattle) August 24, 2024 Passengers were recommended to check with their airlines for the latest information for their flights. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

article thumbnail

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

China-linked APT Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks. Versa Director servers between June 12 and mid-July 2024. ISP on June 12, 2024. Black Lotus Labs detected unusual traffic indicating the exploitation of several U.S.

article thumbnail

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. This call to action comes after law enforcement took down LockBit’s infrastructure in February 2024 in an international operation dubbed “ Operation Cronos.” continues the NCA.

article thumbnail

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

pic.twitter.com/542Wl9QIgw — Dominic Alvieri (@AlvieriD) August 7, 2024 It isn’t the first time that the Rhysida Ransomware group targeted a hospital. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.