Remove Document Remove Libraries Remove Manufacturing
article thumbnail

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. OpenSSH is also used for external access.

Phishing 329
article thumbnail

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

GossiTheDog @SOSIntel @UK_Daniel_Card @LisaForteUK pic.twitter.com/L7A3XNNxU7 — Dominic Alvieri (@AlvieriD) November 29, 2023 The group published images of stolen documents as proof of the hack. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware. “Unique files are presented to your attention!

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The group also claimed the hack of the British Library and China Energy Engineering Corporation. Rhysida has allegedly breached more critical infrastructure. reads the joint advisory.

article thumbnail

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Security Affairs

During our Cyber Threat Intelligence monitoring we spotted a particular Office document weaponized to deliver such kind of malicious tool, uncovering a hidden malicious campaign designed to target Italian speaking victims. Once opened, the Excel document looks like a document with some dynamic elements but hasn’t some clickable buttons.

article thumbnail

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

Security Affairs

The researchers analysed 13 infusion pumps that despite being no longer manufactured are still working in numerous medical organizations worldwide. The researchers pointed out that they haven’t found online documented data purge processes for device decommissioning. ” continues the analysis.

Marketing 246
article thumbnail

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

article thumbnail

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Initial access is typically through infected removable drives, often USB devices. Then msiexec.exe launches a legitimate Windows utility, fodhelper.exe, which in turn run rundll32.exe