hive (9)

Who wants to mess with the food supply?  Foreign adversaries and crooks, that’s who.  The US food and agriculture sector dealt with at least 167 ransomware attacks last year, according to a leading industry group.  In its first annual report, the Food and Agriculture-Information Sharing and Analysis Center (Food and Ag-ISAC) said the industry was the seventh most targeted sector in the country, behind manufacturing, financial services and others.  Thus far in the first quarter of 2024, the secto

The US State Department announced a $10 million reward for information leading to the identification or location of key members of the Hive ransomware gang.  The FBI disrupted the gang’s operations almost exactly one year ago, shutting the ransomware group’s infrastructure after a seven-month operation.

Last week, the State Department said that in addition to the $10 million for information on those holding key leadership positions in the gang, they are offering $5 million “for information leadi

Our friends at FortiGuard Labs recently detected a new injector written in Rust—one of the fastest-growing programming languages—to inject shellcode and introduce XWorm into a victim’s environment.  While Rust is relatively uncommon in malware development, several campaigns have adopted this language since 2019, including Buer loader, Hive, and RansomExx.  FortiGuard Labs analysis also revealed a significant increase in injector activity during May 2023, where the shellcode can be encoded with

The US Marshals Service (USMS) is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations.  The cyberattack was considered a "major incident" by officials, impacting a "stand-alone" system (meaning it is not connected to a larger federal network) within the service, an agency spokesperson said Monday.  The attack was discovere

A pro-Russian hacking group is claiming responsibility for cyber-attacks on several hospitals in the United States.  The attack came just days after the Federal Bureau of Investigation (FBI) said it took down a ransomware group that was also targeting hospitals in what was called “The Hive” attack.

The US Attorney General says they’ve seen how cyber-attacks on medical facilities can be very disruptive.  “The Hive ransomware attack was able to prevent the hospital from accepting new patients,” th

The US Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known Hive IOCs and TTPs identified through FBI investigations as recently as November 2022.  FBI, CISA, and HHS encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents.  Victims of ransomware operations should report the incident to thei

Costa Rica is still reeling from the ransomware attacks deployed by the Conti group, and now the Hive ransomware group has joined in.  According to Bleeping Computer, the Hive ransomware group is behind the attack beginning 31 March 2022 targeting Costa Rica’s public health service.

The Costa Rican government agency has publicly stated that an attack took place early Tuesday morning.  The targeted government entities included the Costa Rican Social Security Fund (CCSS).  The government also st

Ransomware is a constant thorn in the side of cyber security professionals worldwide.  Hive Ransomware stormed onto the scene in June of 2021 and in their first six months, from June to December of 2021, they managed to compromise 355 companies.  The group made headlines for targeting IT, real estate, and healthcare organizations, prompting an FBI Alert sharing the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the group in late August.

Recently the

Activity Summary - Week Ending 10 September 2021:

  • Red Sky Alliance identified 47,398 connections from new unique IP addresses- Sinkholes
  • Analysts identified 1,034 new IP addresses participating in various Botnets
  • 4 unique email accounts compromised with Keyloggers were used to log into Personal Accounts
  • Sality Malware Variant seen 42252 times this past week
  • Hive Ransomware Alert
  • STRRAT RAT
  • FIN7 again
  • Microsoft and $20 billion in Cyber Security
  • South Korea and TrickBot Arrest
  • To SOAR, or to SIEM