Tag: Cyber attack

Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus
News

Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

Researchers studying cybersecurity have revealed information on Sticky Werewolf, a threat actor connected to cyberattacks against targets in Belarus and Russia. In addition to government agencies, the phishing assaults also targeted a pharmaceutical company, a Russian research institute that specializes in microbiology and vaccine development, and the aviation industry, according to a study released by Morphisec last week. Security researcher Arnold Osipov stated, "In prior campaigns, the infection chain started with phishing emails containing a link to download a malicious file from platforms like gofile.io." The most recent campaign made use of archive files that pointed to a payload kept on WebDAV servers via LNK files. In October 2023, BI.ZONE first reported about Sticky Were...
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
News

Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.

More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023, and impacted a single internet service provider (ISP) in the U.S., has been codenamed Pumpkin Eclipse by the Lumen Technologies Black Lotus Labs team. It specifically affected three router models issued by the ISP: ActionTec T3200, ActionTec T3260, and Sagemcom. "The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement," the company said in a technical report read more Mysterious Cyb...
Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure
News

Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure

What has been called the "largest cyber attack against Danish critical infrastructure," which targeted 22 companies involved in the nation's energy sector in May 2023, may have been orchestrated by Russian threat actors. Denmark's SektorCERT stated [PDF] that "22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace." "The assailants were always on target because they planned ahead and knew who to target. Never once did a shot go wide." The Russian military intelligence organization GRU, which is also known by the code name Sandworm and has a history of planning disruptive cyberattacks on industrial control systems, was linked to one or more of the attacks, the agency claimed read more Russian Hackers Linked to 'Largest Ever Cyber Attack' o...
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal
News

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal

An examination of the Linux version of the new ransomware strain BlackSuit revealed striking parallels to the Royal ransomware family. The x64 VMware ESXi version targeted for Linux PCs was investigated by Trend Micro, which found a "extremely high degree of similarity" between Royal and BlackSuit. According to BinDiff, a binary file comparison tool, "in fact, they are nearly identical, with 98% similarities in functions, 99.5% similarities in blocks, and 98.9% similarities in jumps." Based on BinDiff, a study of the Windows artefacts revealed 93.2% similarity in functions read more New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cyber...
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks
News

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

Cl0p (also known as Clop) ransomware has been seen being used by the prominent cybercrime group FIN7, marking the threat actor's first ransomware campaign since late 2021. Microsoft is tracking the financially motivated player under their new taxonomy Sangria Tempest after noticing the behavior in April 2023. The Lizar post-exploitation tool is loaded by Sangria Tempest in these new attacks in order to gain access to a target network, according to the threat intelligence team of the business read more Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.
Lacroix Shuts Three Factories For a Week After Cyber Attack
News

Lacroix Shuts Three Factories For a Week After Cyber Attack

According to reports, the German, French, and Tunisian activity sites for the global electronics firm Lacroix were the targets of a focused cyberattack. The business reported that it briefly shut down a number of online systems to analyse the damage brought on by the attack. Investigations are being conducted to make sure that the assault is entirely controlled before the systems of these sites are restarted, according to a statement from Lacroix. However, some local infrastructures have been encrypted, and a search for exfiltrated data is also underway. The three sites will be closed for the week as a result of these activities, which will take a few days, as well as the requirement to use backups to restore systems read more Lacroix Shuts Three Factories For a Week After Cyber ...
Five Takeaways From the Russian Cyber-Attack on Viasat’s Satellites
News

Five Takeaways From the Russian Cyber-Attack on Viasat’s Satellites

On February 24, 2022, a cyberattack on the KA-SAT satellites of the US company Viasat in Ukraine led to one of the greatest formal attributions of a cyberattack to a nation-state in history. Nearly 20 nations, including 12 EU member states and the Five Eyes nations (the US, UK, Australia, New Zealand, and Canada), blamed Russia for the incident. This cyberattack, which occurred just a few hours before Russia invaded its neighbour, was extensively covered during the third CYSAT conference, which focused on cybersecurity in the space industry and was held in Paris, France, on April 26–27, 2023. Since Viasat's satellites were solely utilised as a backup system, AcidRain, as the cyberattack is generally known, had little effect on Ukraine's military operations read more Five Takeaways F...
NZZ has to shut down the newspaper production system after a cyber attack
News

NZZ has to shut down the newspaper production system after a cyber attack

A smaller print edition is additionally connected to the "extraordinary situation." The perpetrators are reportedly demanding a ransom for the stopped system. Two weeks after a cyberattack on its computers, The "Neue Zürcher Zeitung" is still having issues. The publisher had to pre-produce the Saturday edition on Thursday after shutting down the newspaper's central production systems. The business said on Saturday that this "extraordinary scenario" was also connected to a scope decrease. Certain systems and services are still unavailable as a result of the cyberattack. According to the statement, the NZZ's IT is collaborating with outside experts on corrective steps read more NZZ has to shut down the newspaper production system after a cyber attack. With ReconBee.com Stay ahead o...
University of Hawaii Maui College Announces Recent Data Breach
News

University of Hawaii Maui College Announces Recent Data Breach

Following a cyberattack in February, the University of Hawaii Maui College ("UH Hawaii College") published notice of a data breach on their website on April 6, 2023. The type of the compromised data, however, has not yet been disclosed by UH Maui College. UH Maui College started issuing data breach notification letters to everyone who was affected by the recent data security issue after establishing that student data was compromised and who it belonged to. It's critical that you comprehend what is at risk and what you can do about it if the University of Hawaii Maui read more University of Hawaii Maui College Announces Recent Data Breach. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecur...
Experts Spot Half a Million Novel Malware Variants in 2022
Risk, Security

Experts Spot Half a Million Novel Malware Variants in 2022

According to SonicWall, there were 5.5 billion malware detections worldwide in 2022, up 2% YoY, with never-before-seen varieties seeing a 5% increase. In order to create its 2023 SonicWall Cyber Threat Report, the security provider gathered threat intelligence from its global SonicWall Capture Threat network, which includes one million security sensors. A total of 465,501 new malware strains were discovered, showing that the cybercrime underground is still evolving. These findings "often closely correlate with zero-day attack patterns," according to SonicWall. The firm also noted an 87% spike in IoT malware to reach 112 million devices and a 43% increase in crypto-jacking malware read more Experts Spot Half a Million Novel Malware Variants in 2022. Stay informed with the best ...