Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Maze ransomware operators stole data from US military contractor Westech

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent. The LGM-30 Minuteman is a U.S. land-based intercontinental ballistic missile (ICBM), in service with the […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent.

MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent.

The LGM-30 Minuteman is a U.S. land-based intercontinental ballistic missile (ICBM), in service with the Air Force Global Strike Command. As of 2020, the LGM-30G Minuteman III version[a] is the only land-based ICBM in service in the United States and represents the land leg of the U.S. nuclear triad, along with the Trident submarine-launched ballistic missile (SLBM) and nuclear weapons carried by long-range strategic bombers.

Threat actors first compromised the Westech’s network, then stole the documents before encrypting them. Then the attackers started leaking the files online to force the victim into paying the ransomware.

“It is unclear if the documents stolen by the criminals include military classified information, but files which have already been leaked online suggest the hackers had access to extremely sensitive data, including payroll and emails.” reads the post published by SkyNews that reported the news in exclusive.

“Court documents in the US allege that Russian cyber criminals with a financial motivation have collaborated with the intelligence services in order to steal classified government documents.”

Westech is involved with the nuclear deterrent as a sub-contractor for Northrup Grumman.

Security experts fear that hackers could attempt to sell stolen data about the nuclear deterrent on to a foreign state.

A Westech’s spokesperson told Sky News that the company was hit with ransomware and is currently investigating the security breach.

“We recently experienced a ransomware incident, which affected some of our systems and encrypted some of our files.” Westech’s spokesperson told Sky News.

“Upon learning of the issue, we immediately commenced an investigation and contained our systems.” “We have also been working closely with an independent computer forensic firm to analyse our systems for any compromise and to determine if any personal information is at risk.”

Recently Maze ransomware operators started publishing documents stolen from the ST Engineering group on their leak website.

A couple of weeks ago Maze ransomware operators have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Maze Ransomware, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]