Groups and Manufacturing - Information Management Today

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. Asahi Group Holdings, Ltd. Asahi Group Holdings, Ltd. SecurityAffairs – hacking, Asahi Group Holdings ). Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing Ransomware Sales Security

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing

Manufacturing Ransomware Data breaches Risk

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

Security Affairs

APRIL 6, 2022

Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure. Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems.

Manufacturing

Manufacturing IT Ransomware Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

TIDRONE APT targets drone manufacturers in Taiwan

Security Affairs

SEPTEMBER 9, 2024

Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The group, which was previously undocumented, uses enterprise resource planning (ERP) software and remote desktops to deploy advanced malware, including CXCLNT and CLNTEND. ” concludes the report.

Manufacturing

Manufacturing Military Communications Access

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

MAY 10, 2020

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data. ” reported the Swiss media. Pierluigi Paganini.

Manufacturing

Manufacturing Data breaches Ransomware Security

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Security Affairs

FEBRUARY 24, 2021

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Security experts from FireEye linked the cyber attacks to the cybercrime group UNC2546, aka FIN11. Bombardier pointed out that manufacturing and customer support operations have not been impacted.

Manufacturing

Manufacturing Security Ransomware Cybersecurity

How 'Mespinoza' Ransomware Group Hits Targets

Data Breach Today

JULY 16, 2021

Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.

Ransomware

Ransomware Manufacturing

COVID-19 vaccine manufacturer suffers a data breach

Security Affairs

OCTOBER 26, 2020

Indian COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories was hit with a cyber attack that forced it to shut down its plants in Brazil, India, Russia, the U.K., In response to the security breach, the COVID-19 vaccine manufacturer has isolated all data center services. “In and the U.S. Pierluigi Paganini.

Manufacturing

Manufacturing Data breaches Security IT

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Security Affairs

AUGUST 3, 2022

Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck. The company confirmed it has suffered a cyberattack conducted by a professional hacker group. “The SEMIKRON Group has become a victim of a cyber-attack by a professional hacker group.

Manufacturing

Manufacturing Ransomware Encryption Data breaches

Unknown Cyberespionage Group Targeted Taiwan

Data Breach Today

OCTOBER 10, 2023

Threat Actor Likely Operates From A Region With A Strategic Interest In Taiwan A previously undetected cyberespionage group spied against Taiwanese government agencies and the island-country's manufacturing sector, say cybersecurity researchers.

Manufacturing

Manufacturing Cybersecurity Government IT

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. A threat actor that goes online with the moniker Adrastea , and that defines itself as a group of independent cybersecurity specialists and researchers, claims to have hacked MBDA. Pierluigi Paganini.

Manufacturing

Manufacturing Military Archiving Cybersecurity

Lazarus Group Targeted COVID-19 Research

Data Breach Today

DECEMBER 24, 2020

Kaspersky: North Korean APT Group Used Malware in Attempt to Steal Information The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.

Manufacturing

Manufacturing Security

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Education Libraries

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. Hoa Sen Group is the no.1 1 company in the field of manufacturing and trading steel sheet in Vietnam and the leading exporter of steel sheet in Southeast Asia.

Ransomware

Ransomware Archiving Manufacturing Data breaches

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group claims the theft of 1.4 TB of stolen data.

Ransomware

Ransomware Manufacturing IT Security

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023. Data from the Royal Family!

Ransomware

Ransomware Manufacturing Education Libraries

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

AUGUST 7, 2024

The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC. The Rhysida Ransomware group claims to have breached Bayhealth Hospital and added the hospital to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Libraries Education

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis. Now the Facebook security team has revealed the real identity of APT32 , linking the group to an IT company in Vietnam named CyberOne Group. .

Agriculture

Agriculture IT Retail Manufacturing

Aggah APT Group Targets Taiwan, South Korea

Data Breach Today

AUGUST 20, 2021

Spear-Phishing Campaign Exploits PowerPoint Vulnerability The Aggah APT group, believed to be of Pakistani origin, apparently was behind a recent spear-phishing campaign targeting manufacturing firms in Taiwan and South Korea, according to Anomali Threat Research.

Manufacturing

Manufacturing Phishing

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint advisory on the BlackSuit Ransomware group. The group uses SharpShares and SoftPerfect NetWorx to map out victim networks.

Ransomware

Ransomware Communications Manufacturing Phishing

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

” Newpark Resources pointed out that its manufacturing and field operations remain largely unaffected, continuing with established downtime procedures despite the ransomware attack. At this time, no ransomware groups claimed responsibility for the security breach. The company will update disclosures if circumstances change.

Ransomware

Ransomware Manufacturing Cybersecurity Access

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware

Ransomware Manufacturing Access Security

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing.

Manufacturing

Manufacturing Phishing Government Security

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. ” reads the announcement published by Lockbit operators on their leak site. .”

Manufacturing

Manufacturing Ransomware Security awareness Cybersecurity

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Security Affairs

NOVEMBER 26, 2024

At this time, no known ransomware group claimed responsibility for the attack. Blue Yonder Group , Inc. formerly JDA Software Group) is an American supply chain management company operating as an independent subsidiary of Panasonic. It’s unclear if the attackers have stolen information from the company.

Ransomware

Ransomware Retail Manufacturing Cloud

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group.

Ransomware

Ransomware Blockchain Manufacturing Analytics

LockBit ransomware gang claims the hack of Continental automotive group

Security Affairs

NOVEMBER 3, 2022

The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. At this time, it is not clear if the Lockbit 3.0 Pierluigi Paganini.

Ransomware

Ransomware Manufacturing IT Security

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. Recent investigations by Talos IR have revealed that the BlackByte ransomware group is using a victim’s existing remote access rather than tools like AnyDesk.

Ransomware

Ransomware Authentication Encryption Access

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure. ” continues the court filing.

Risk

Risk Government Manufacturing IT

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military

Military Manufacturing Ransomware Mining

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

The group managed to maintain access without being detected for as long as possible. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

e-Discovery

e-Discovery Communications Ransomware Government

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007.

File names

File names Encryption Manufacturing Libraries

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack.

Manufacturing

Manufacturing Ransomware Sales Encryption

Chinese APT Group Winnti Is Stealing Intellectual Property

Data Breach Today

MAY 5, 2022

Forensic Analysis Used to Detect the Group's Involvement, Cybereason Says A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based (..)

Manufacturing

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware

Ransomware Encryption Healthcare Insurance

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t. The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. Victims of the group are located in North America, Europe, and Southeast Asia. . ” concludes the report.

Healthcare

Healthcare Phishing Government Manufacturing

Group with numerous faces: chronicle of UltraRank’s deceptive JS-sniffer campaigns

Security Affairs

AUGUST 27, 2020

Group-IB security researchers provide evidence linking three campaigns with the use of various JS-sniffer families. Singapore – Group-IB , a global threat hunting and intelligence company headquartered in Singapore, today released its analytical report “ UltraRank: the unexpected twist of a JS-sniffer triple threat.” First clue.

Marketing

Marketing Cybersecurity CMS Analytics

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Unsought invoice.

Ransomware

Ransomware Phishing Encryption Authentication

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Security Affairs

APRIL 23, 2020

The Vietnam-linked cyberespionage group tracked as APT32 carried out hacking campaigns against Chinese entities to collect intelligence on the COVID-19 crisis. Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis.

Government

Government Phishing Manufacturing Cybersecurity

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. According to its own estimates, Safran Group ’s revenue for 2022 was above €19 billion.

Manufacturing

Manufacturing Access Risk IT

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Webinars

Trending Sources

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

Webinars

TIDRONE APT targets drone manufacturers in Taiwan

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

How 'Mespinoza' Ransomware Group Hits Targets

COVID-19 vaccine manufacturer suffers a data breach

Power semiconductor component manufacturer Semikron suffered a ransomware attack

Unknown Cyberespionage Group Targeted Taiwan

Threat actor claims to have hacked European manufacturer of missiles MBDA

Lazarus Group Targeted COVID-19 Research

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Rhysida ransomware group hacked Abdali Hospital in Jordan

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Aggah APT Group Targets Taiwan, South Korea

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Texas oilfield supplier Newpark Resources suffered a ransomware attack

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

US offers $10 million reward for info on Hive ransomware group leaders

LockBit ransomware gang claims the hack of Continental automotive group

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

China’s Volt Typhoon botnet has re-emerged

China-linked APT41 group targets Hong Kong with Spyder Loader

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

Chinese APT Group Winnti Is Stealing Intellectual Property

New RA Group ransomware gang is the latest group using leaked Babuk source code

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Group with numerous faces: chronicle of UltraRank’s deceptive JS-sniffer campaigns

Group-IB detects a series of ransomware attacks by OldGremlin

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Key aerospace player Safran Group leaks sensitive data

Stay Connected