JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. The group designs and manufactures electronic equipment for its customers in […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack.

The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. The group designs and manufactures electronic equipment for its customers in multiple sectors, including the automotive, aerospace, industrial, and health sectors. The company earned $770 million in 2022.

The company announced the closure of the plant on May 12, the response to the incident suggest it was the victim of a ransomware attack.

The company revealed to have detected a “targeted cyberattack” on its facilities, it has launched an investigation into the security breach to determine if attackers exfiltrated some data.

The company said that some local infrastructures have been encrypted. Lacroix plans to resume production on May 22, 2023.

“The time needed to carry out these actions and to use the backups to restart should take a few days, which is why the 3 sites are closed for the week.” reported Yahoo Finance.

“It should be noted that the activity of these three sites represents 19% of the group’s total sales in 2022. Moreover, given the favourable calendar with only 3 days of effective production this week on the French and German sites, LACROIX does not envisage at this stage any significant impact on the performances announced for the Group for the whole of 2023.”

At the time of this writing, no ransomware gang has claimed responsibility for the attack.

Last week, Swiss multinational company ABB, a leading electrification and automation technology provider, was the victim of a Black Basta ransomware attack.

The attack took place on May 7, 2023, and reportedly impacted the business operations of the company.

We are in the final!

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini

Please nominate Security Affairs as your favorite blog.

Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)