Government, Manufacturing and Phishing - Information Management Today

Russian APT29 conducts phishing attacks through Microsoft Teams

Security Affairs

AUGUST 3, 2023

Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. Microsoft Threat Intelligence reported that the cyberspies conducted highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chat.

Phishing

Phishing Authentication Government Military

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Hackers target German Task Force for COVID-19 PPE procurement

Security Affairs

JUNE 9, 2020

Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE) against COVID-19. Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE).

Phishing

Phishing Healthcare Manufacturing Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

NOVEMBER 15, 2019

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. The phishing campaigns delivering malicious attachments were observed since the end of October. . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Ransomware Manufacturing Phishing

Spanish Banking Trojan Attacks Various Industry Verticals

Data Breach Today

AUGUST 20, 2022

Grandoreiro Banking Trojan Impersonates Mexican Government Officials Researchers uncovered a spear-phishing campaign targeting automotive and chemical manufacturers across the Spanish-speaking nations of Mexico and Spain.

Manufacturing

Manufacturing Phishing Government

Spanish-Language Trojan Targets Many Industry Verticals

Data Breach Today

AUGUST 22, 2022

Grandoreiro Banking Trojan Impersonates Mexican Government Officials Researchers uncovered a spear-phishing campaign targeting automotive and chemical manufacturers across the Spanish-speaking nations of Mexico and Spain.

Manufacturing

Manufacturing Phishing Government

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

Microsoft’s Digital Crimes Unit (DCU) announced the seizure of domains used by Iran-linked APT Bohrium in spear-phishing campaigns. Microsoft’s Digital Crimes Unit (DCU) announced to have taken legal action to disrupt a spear-phishing operation linked to Iran-linked APT Bohrium. Middle East, and India.

Phishing

Phishing Manufacturing Education Cybersecurity

Coronavirus-themed campaign targets energy sector with PoetRAT

Security Affairs

APRIL 18, 2020

Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. . Attackers launched phishing attacks using weaponized Microsoft Word documents, experts identified three separate phishing attacks that used COVID19 as a lure.

Energy and Utilities

Energy and Utilities Archiving Phishing Government

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

Israel ‘s defence ministry announced to have foiled an attempted cyber attack by a foreign threat actors group targeting the country’s defence manufacturers. The Israeli statement did not explicitly refer to the government of Pyongyang and did not provide details about the attack (the targeted companies, data of the attack).

Agriculture

Agriculture Manufacturing Phishing Government

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare.

Ransomware

Ransomware Manufacturing Phishing Encryption

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

The group targeted the organization with phishing attacks aimed at spreading at least three new sophisticated malware strains. The phishing messages include links to a malicious website that serves the malware, experts pointed out that the emails had subject lines that were customized for each targeted organization.

Manufacturing

Manufacturing Phishing Military Retail

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

“Amnesty Tech’s Security Lab found technical evidence in phishing emails sent to two prominent Vietnamese human rights defenders, one of whom lives in Germany, and a Vietnamese NGO based in the Philippines, showing that Ocean Lotus is responsible for the attacks between 2018 and November 2020.”

Phishing

Phishing Manufacturing Government Security

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. The BlackSuit actors gain initial access to victim networks through several methods, including Phishing campaigns, Remote Desktop Protocol (RDP) (Used in about 13.3%

Ransomware

Ransomware Communications Manufacturing Phishing

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

. “The group is also using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and another financial crime that is using the fear of COVID-19 or the desire for information on it to trick regular internet users,” wrote Reuters’ Joe Menn. ” SURVIVING THE PANDEMIC. .

Cybersecurity

Cybersecurity Phishing Government Ransomware

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Security Affairs

APRIL 23, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Government

Government Phishing Manufacturing Cybersecurity

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. . The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. ” reads the analysis published by the experts. .

Healthcare

Healthcare Phishing Government Manufacturing

D-Link confirms data breach, but downplayed the impact

Security Affairs

OCTOBER 18, 2023

Taiwanese manufacturer D-Link confirmed a data breach after a threat actor offered for sale on BreachForums stolen data. The stolen data includes information for many Taiwanese government officials, as well as the CEOs and employees of the company. The threat actor is offering an archive of 1.2

Data breaches

Data breaches Sales Phishing Manufacturing

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. ” reads the post published by Microsoft. Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing Phishing Government Security

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Ransomware Data breaches Manufacturing

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

According to the local media, the City of Durham was hit with a phishing attack aimed at delivering the Ryuk Ransomware on the victims’ systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend.

Ransomware

Ransomware IT Computer and Electronics Mining

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Threat actors were contacting people of interest with romantic lures, they set up pages that were specifically designed to target followers with malware and phishing attacks.

Agriculture

Agriculture IT Retail Manufacturing

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have been observed exploiting Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Passwords

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists.

Phishing

Phishing Manufacturing Archiving Security

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” ” reads the flash alert.

Ransomware

Ransomware Manufacturing Access Phishing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

The campaign began in June 2022 and is still ongoing, the attacks hit organizations in multiple industries, such as Automotive, Chemicals Manufacturing, and others. ” reads the post published by Zscaler. ” reads the post published by Zscaler.

Archiving

Archiving Phishing Communications Manufacturing

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.”

Ransomware

Ransomware Encryption Communications Manufacturing

State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals

KnowBe4

JULY 5, 2024

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months. “In The first campaign, “LegalQloud,” is impersonating Microsoft to target government workers and investment bankers in North America.

Phishing

Phishing Insurance Manufacturing Government

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Security Affairs

DECEMBER 21, 2018

The US Department of Justice charged two Chinese hackers for hacking numerous companies and government agencies in a dozen countries, US Indicts Two Chinese Government Hackers Over Global Hacking Campaign. Department of Energy’s Lawrence Berkeley National Laboratory. ” continues the DoJ’s Press release.

Computer and Electronics

Computer and Electronics Healthcare Manufacturing Government

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Security Affairs

AUGUST 31, 2022

Over the years, the group hit defence contractors, manufacturers, universities, government agencies, legal firms involved in diplomatic disputes, and foreign companies involved with Australasian policy or South China Sea operations. . ” read the report published by the experts. ” read the report published by the experts.

Energy and Utilities

Energy and Utilities Manufacturing Phishing Government

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Security Affairs

SEPTEMBER 9, 2023

Instead of the dialogue, they decided to play tricks with us, they even tried to catch us with phishing. Ragnar Locker ransomware gang claims to have attempted to get in touch with the administration of the MYMC, but someone involved in the discussion with the crooks attempted to unmask them with phishing. Come on guys, seriously?

Ransomware

Ransomware Phishing Encryption Privacy

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

SEPTEMBER 23, 2020

Since March, the attackers have been trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. As the initial vector of their attacks, OldGremlin use spear phishing emails, to which the group adopted creative approach. Up-to-date phishing.

Ransomware

Ransomware Phishing Encryption Authentication

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Malware, phishing, and web. Phishing is also one of the prominent threats relating to scams and fraudulent offers that arrive in users’ inboxes. Users could leave all the responsibility to governments and other institutions. The Flaws in Manufacturing Process. So, we believe that there needs to be a balance.

IoT

IoT Cybersecurity Passwords Manufacturing

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have been observed exploiting Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Libraries

Libraries Ransomware Manufacturing Education

APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries

Security Affairs

AUGUST 17, 2023

Russia-linked APT29 used the Zulip Chat App in attacks aimed at ministries of foreign affairs of NATO-aligned countries EclecticIQ researchers uncovered an ongoing spear-phishing campaign conducted by Russia-linked threat actors targeting Ministries of Foreign Affairs of NATO-aligned countries. ” concludes the report.

Phishing

Phishing Manufacturing Government Authentication

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

The hackers targeted organizations across multiple industries and have also hit foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. ” Microsoft said.

Mining

Mining Manufacturing Government Phishing

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

OCTOBER 31, 2018

The turbofan engine was manufactured by a French aerospace company, which also had offices in the Jiangsu province with a U.S.-based “At the time of the intrusions, a Chinese state-owned aerospace company was working to develop a comparable engine for use in commercial aircraft manufactured in China and elsewhere.”

Manufacturing

Manufacturing Military Phishing Security

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component. It is headquartered in Zurich, with a U.S

Phishing

Phishing Financial Services Manufacturing Education

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. Jumper , and Leviathan ), apparently linked to the Chinese government, is focused on targeting countries important to the country’s Belt and Road Initiative (i.e.

Phishing

Phishing Passwords Government Manufacturing

Russian APT29 conducts phishing attacks through Microsoft Teams

China-linked APT Curious Gorge targeted Russian govt agencies

Webinars

Trending Sources

Hackers target German Task Force for COVID-19 PPE procurement

Webinars

US indicted 4 Russian government employees for attacks on critical infrastructure

New TA2101 threat actor poses as government agencies to distribute malware

Spanish Banking Trojan Attacks Various Industry Verticals

Spanish-Language Trojan Targets Many Industry Verticals

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Coronavirus-themed campaign targets energy sector with PoetRAT

Israel announced to have foiled an attempted cyber-attack on defence firms

Researchers found alleged sensitive documents of NATO and Turkey

Rhysida ransomware gang claimed China Energy hack

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

APT32 state hackers target human rights defenders with spyware

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

Balikbayan Foxes group spoofs Philippine gov to spread RATs

D-Link confirms data breach, but downplayed the impact

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs newsletter Round 282

The City of Durham shut down its network after Ryuk Ransomware attack

Facebook links cyberespionage group APT32 to Vietnamese IT firm

FBI and CISA warn of attacks by Rhysida ransomware gang

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Ranzy Locker ransomware hit tens of US companies in 2021

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Grandoreiro banking malware targets Mexico and Spain

Cuba ransomware gang hacked 49 US critical infrastructure organizations

State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Group-IB detects a series of ransomware attacks by OldGremlin

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Rhysida ransomware gang is auctioning data stolen from the British Library

APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

APT40 cyberespionage group supporting growth of China’s naval sector

Stay Connected