Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. Cencora, Inc.
Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. “Supernus Pharmaceuticals, Inc.
This week, the Japanese pharmaceutical giant Eisai has taken its systems offline in response to a ransomware attack. Eisai is a Japanese pharmaceutical company with about 10,000 employees and more than $5 billion in revenue. At the time of this writing, no ransomware group has claimed responsibility for the ransomware attack.
are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advanced persistent threat groups seeking to steal COVID-19 research data. 'Password-Spraying' Campaigns Aimed at Stealing Research Data, US and UK Authorities Warn Authorities in the U.S.
The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. The cyber espionage activity attacks are aimed at organizations in the satellite, defense, and pharmaceutical sectors. South Korean, and Europe.
Alert Comes as Other Ransomware Assaults, Data Leaks Plague Medical Providers Federal authorities are alerting healthcare sector entities of threats posed by Russian state-sponsored cyber groups, including some linked to attacks on pharmaceutical and related firms. medical facilities.
Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t. The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. Victims of the group are located in North America, Europe, and Southeast Asia. ” concludes the report.
A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.
The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. ” reads the analysis published by Kaspersky.
Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. South Korea, and Europe.
Noisy 'Peach Sandstorm' Password Spraying Campaign Is Followed by Stealth Iranian state threat actor "Peach Sandstorm" is growing in sophistication, warns Microsoft in an alert about a campaign of password hacking targeting the satellite, defense and pharmaceutical sectors.
Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. At least two companies operating in pharmaceutical and manufacturing sectors have been affected.
Shane Huntley, Director at Google’s Threat Analysis Group (TAG), revealed that her team has shared its findings with the campaigns and the Federal Bureau of Investigation. Google sent 11,856 government-backed phishing warnings during Q1 2020, 11,023 in Q2 2020, and 10,136 in Q3 2020. Tbps, the largest DDoS attack of ever.
Operation Pangea took place between March 3 and 10, 2020, the authorities dismantled 37 organized crime groups attempting to illegally sell counterfeit surgical masks, unauthorised antiviral medications and the antimalarial chloroquine, Vitamin C, food supplements, painkillers, and antibiotics. link] — EC3 (@EC3Europol) March 23, 2020.
The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminal organizations. Trend Micro researchers reported that the EdgeRouter botnet, called Moobot, used by the APT28 group is still active and is also used by cyber criminal organizations. ” reported Trend Micro.
In the first four months of 2024, 204 criminal groups were monitored globally for ransomware activities. Additionally, during this period, 25 new criminal groups emerged and were added to the monitoring list by Ransomfeed. Italy, in particular, faced specific challenges in cybersecurity during this critical period.
China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. a South Korean video game company.”
The business of Omiya Kasei is divided into four major areas, manufacturing and designing chemical and industrial products, designing electronic materials, pharmaceutical development, and factory manufacturing. Oomiya is focused on designing and manufacturing microelectronics and facility system equipment.
According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.
The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics and started using ransomware as the main monetization method. ” reads the analysis published by FireEye.
While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work. ” reported El Pais.
Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. APT10 is a well-resourced cyberespionage group that employed multiple tools and sophisticated techniques in its attacks.
“North Korean hackers have targeted at least six pharmaceutical companies in the U.S., “Then we’re going to have the group of people who just decide that ‘well I don’t want the world to have a vaccine’ “For us, inside, it’s really not much of a difference.”
CERT-France warns of a new ransomware group named Lockean that is behind a series of attacks against French organizations over the past 2 years. “First observed in June 2020, this group named Lockean is thought to have affiliated with several Ransomware-as-a-Service (RaaS) including DoppelPaymer, Maze, Prolock, Egregor and Sodinokibi.
Pharmaceutical giant Cencora confirmed that the threat actors had access to personally identifiable information (PII) and protected health information (PHI) following the February 2024 cyberattack. In May, Cencora subsidiary Lash Group announced that a security incident impacted individuals’ personal information.
The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. ” concludes ESET.
The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.
’s National Cyber Security Centre warning that so-called “advanced persistent threat” groups — state-sponsored hacking teams — are actively targeting organizations involved in both national and international COVID-19 responses.
A new wave of cyber attacks carried out by a China-linked APT group hit German blue-chip companies BASF, Siemens, Henkel and others. German media reported that the cyber attacks were launched by China-linked cyberespionage group. The gang is financially-motivated and was mostly involved in cyber espionage campaigns.
Resecurity detailed the increasing tensions between different influence groups behind illegal marketplaces in Dark Web – attacking each other, performing DDoS attacks and trying to abuse the reputation of competitors to capture a bigger market share. Resecurity noticed a sharp increase in demand for prescription pharmaceuticals.
The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the author ‘Gwisin’ (ghost in Korean). The victims of the Linux GwisinLocker variant are required to log into a portal operated by the group to get in contact with the crooks. Pierluigi Paganini.
Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. National Security Agency (NSA). alone by October 2020.
Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. In addition, the group leveraged some custom tools for network reconnaissance. About Group-IB.
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. ThreatLabz found Dark Angels has conducted some of the largest ransomware attacks to date, and yet little is known about the group.
In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Do not add users to the local administrators group unless required. Enforce a strong password policy and implement regular password changes.
Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) and reported that the attackers used a previously undocumented backdoor in the attacks. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007.
Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The victims include pharmaceutical companies in Brazil and the U.S., and an aerospace and defense division of an Indian conglomerate.
Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt.
Some of them, like the DoppelPaymer and Maze groups, announced that they would not target healthcare organizations during the pandemic. The gang behind the Ryuk ransomware goes against the tide and continues to target the hospitals, the group never responded to the questions of BleepingComputer researchers. reported BleepingComputer.
Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. Image: Archive.org.
Group Lists EHR Provider, Pharmaceutical Services Firm on Leak Site An electronic health records vendor and a pharmacy management services firm are purportedly among the latest healthcare sector victims of ransomware-as-a-service group BlackCat, also known as Alphv.
CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security.