article thumbnail

The Dangerous Weak Link in the US Food Chain

WIRED Threat Level

Without an information sharing and analysis center, the country’s food and agriculture sector is uniquely vulnerable to hackers.

article thumbnail

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

In March, the threat actors hit a South American agricultural organization. ” reads the analysis published by Talos. Talos believes that NineRAT was built around May 2022, but was first spotted on March 2023 as part of Operation Blacksmith.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

San Francisco 49ers NFL team discloses BlackByte ransomware attack

Security Affairs

The analysis of the ransomware revealed that it was developed to avoid infecting systems that primarily use Russian or related languages. The experts spotted the BlackByte ransomware while investigating a recent malware incident. ” reads the advisory. ” Follow me on Twitter: @securityaffairs and Facebook.

article thumbnail

Hunting the ICEFOG APT group after years of silence

Security Affairs

This week, Chi-en (Ashley) Shen presented at the CONFidence cybersecurity conference held in Poland her analysis on new samples of malware associated with the ICEFOG group. Below the conclusions of the excellent analysis conducted by Shen: ICEFOG is malware shared among Roaming Tiger, APT15, Temp Group A and suspected APT9.

article thumbnail

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

Security Affairs

This new variant was behind a series of ransomware campaigns beginning in June 2019, including attacks against the City of Edcouch, Texas and the Chilean Ministry of Agriculture.” ” reads the analysis published by CrowdStrike. ” continues the analysis.

article thumbnail

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

The operation targeted many organizations in critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. organizations since 2020.

article thumbnail

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

A deeper analysis revealed that the threat actor CloudWizard has been linked to an activity cluster that dates back to May 2016 that was tracked by ESET researchers as Operation Groundbait. Further analysis revealed that the actor behind the above operations has been active since at least 2008. ” We are in the final!