Security Affairs
Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC.

A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation.

Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million year-to-date.

According to the FORM 8-K report filed with the U.S. Securities and Exchange Commission (SEC), the company discovered the attack on November 25. The threat actors had access to the company’s information technology systems and encrypted some of its data files. The investigation into the security breach is still ongoing and the company is remediating the incident with the help of external cybersecurity specialists.

“On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident.  The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” reads the report filed with SEC. “Upon detecting the unauthorized access, the Company immediately took steps to contain, assess and remediate the cybersecurity incident, including beginning an internal investigation, engaging external cybersecurity specialists, and restricting access to its IT system.”

“As a result of these and other measures, and while the investigation and remediation efforts remain ongoing, access to the Company’s IT system is limited to essential business operations.” ù

At this time, the company is not able to provide the timing of the restoration of full access to its IT systems.

ENGlobal Corporation is assessing whether the cybersecurity incident will significantly affect its financial condition or operations.

No ransomware gang has claimed responsibility for the attack. 

At the end of October, another energy industry contractor, Newpark Resources, reported a ransomware attack that disrupted operations and limited access to internal information systems.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)