Cybercrime Archives - Page 11 of 45 - Cyber Security Minute

Ransomware Attack Hits Production Facilities of Agricultural Equipment Giant AGCO

Issued by: Security Week

AGCO designs, makes, and distributes agricultural machinery and precision technology, offering equipment under brands such as Challenger, Fendt, Massey Ferguson, and Valtra. On Friday, the company announced that it fell victim to a ransomware attack that impacted some production facilities. AGCO says it has launched an investigation into the incident and estimates that it might…

Malware & Threats

New Black Basta Ransomware Possibly Linked to Conti Group

Issued by: Security Week

The existence of Black Basta came to light in mid-April, but MalwareHunterTeam researchers spotted a sample apparently compiled in February. The cybercriminals behind Black Basta use malware to encrypt files on compromised systems, appending the .basta extension to encrypted files. In addition, like many other ransomware groups, they steal large amounts of information from victims…

Malware & Threats

Conti Ransomware Activity Surges Despite Exposure of Group’s Operations

Issued by: Security Week

An individual claiming to be a Ukrainian cybersecurity researcher has leaked vast amounts of data belonging to the Conti group, including malware source code, chat logs, credentials, email addresses, and C&C server details. The files were leaked in response to the hackers expressing support for the Russian government as it began its invasion of Ukraine….

Vulnerabilities

Google Patches Third Actively Exploited Chrome Zero-Day of 2022

Issued by: Security Week

Tracked as CVE-2022-1364 and considered “high severity,” the exploited security hole is described as a type confusion in the V8 JavaScript and WebAssembly engine. Attacks targeting type confusion bugs in Chrome’s V8 engine may lead to arbitrary code execution. All Chromium-based browsers are impacted. “Google is aware that an exploit for CVE-2022-1364 exists in the…

Malware & Threats

New ‘Enemybot’ DDoS Botnet Targets Routers, Web Servers

Issued by: Security Week

Dubbed Enemybot, the botnet appears to be the work of Keksec, an established cybercrime group that specializes in DDoS attacks and cryptocurrency mining. The malware was built using the source code of the Gafgyt (Bashlite) botnet – which leaked in 2015 – with some modules borrowed from the infamous Mirai botnet, including the scanner module…

Malware & Threats

Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities

Issued by: Security Week

The malware, described as a modular ICS attack framework and a collection of custom-made tools, can be used by threat actors to target ICS and SCADA devices, including programmable logic controllers (PLCs) from Schneider Electric and Omron, and OPC UA servers. Advisories and blog posts describing the toolset have been released by industrial cybersecurity firm…

Malware & Threats

Wind Turbine Giant Nordex Scrambling to Recover From Cyberattack

Issued by: Security Week

The incident was publicly disclosed in early April, when the company announced that it shut down “IT systems across multiple locations and business units” to contain the issue. The company also said that the cyberattack was detected in its early stages, and that it immediately set up an incident response team to investigate and address…

Malware & Threats

Alleged Ukrainian Hacker in US Court After Extradition From Poland

Issued by: Security Week

Yaroslav Vasinskyi, 22, was extradited to the United States from Poland on March 3, the Justice Department said, and made an initial appearance in a court in the Northern District of Texas. Vasinskyi was arrested in Poland in October as part of a global operation against ransomware attacks. The arrests were linked to the Russian-based…

Malware & Threats

U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool

Issued by: Security Week

In a blog post published on Tuesday, cybersecurity research and incident response company Mandiant said it became aware of the campaign in May 2021, when it was called in to investigate an attack on a U.S. state government network. An analysis revealed that the attack had likely been carried out by a Chinese state-sponsored threat…

Malware & Threats

FBI Warns of BlackByte Ransomware Attacks on Critical Infrastructure

Issued by: Security Week

Available as a Ransomware-as-a-Service (RaaS), BlackByte has been used in attacks against US and foreign businesses, including in critical infrastructure sectors such as government, financial, and food and agriculture, the FBI and USSS warn. BlackByte operators recently claimed to have obtained financial data from the San Francisco 49ers as a result of an attack that…