Remove Energy and Utilities Remove Manufacturing Remove Tools
article thumbnail

Coronavirus-themed campaign targets energy sector with PoetRAT

Security Affairs

Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. . The malware infected ICS and SCADA systems used to control the wind turbines within the renewable energy sector. ” reads the analysis published by Cisco Talos. ” continues the analysis.

article thumbnail

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

A new piece of Snake Ransomware targets ICS processes

Security Affairs

Like other ransomware, upon execution Snake will remove the computer’s Shadow Volume Copies, it also kills numerous processes related to SCADA systems, virtual machines, industrial control systems, remote management tools, network management software, and more. a file named invoice.doc is encrypted and renamed like invoice.docIksrt.

article thumbnail

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

article thumbnail

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

LockBit had a bespoke data exfiltration tool, known as Stealbit, which was used by affiliates to steal victim data. The LockBit ransomware operation operated under a Ransomware-as-a-Service (RaaS) model, recruiting affiliates to carry out ransomware attacks through the utilization of LockBit ransomware tools and infrastructure.

article thumbnail

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

LockBit had a bespoke data exfiltration tool, known as Stealbit, which was used by affiliates to steal victim data. The LockBit ransomware operation operated under a Ransomware-as-a-Service (RaaS) model, recruiting affiliates to carry out ransomware attacks through the utilization of LockBit ransomware tools and infrastructure.

article thumbnail

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.