Foxconn's outage shows large electronics supply chains are directly impacted by ransomware, risking production and customer deliveries. Tech professionals must prioritize incident readiness, secure backups, and supply-chain visibility to limit cascading disruptions.
Dossier last updated: 2026-05-13 00:01:06
Foxconn, a major electronics manufacturer for companies including Apple, Google, Dell and Nvidia, suffered a cyberattack that halted North American factory operations and prompted a ransomware group to claim theft of 8 TB of data including schematics and project details. The attacker identified itself as Nitrogen, an extortion group tied to ALPHV/BlackCat that both steals data and deploys ransomware derived from Conti 2 code; researchers note Nitrogen’s encryptor has a fatal design flaw that can render data irrecoverable. Foxconn confirmed outages and that affected factories are resuming production. The incident underscores supply-chain risk as attackers prioritize targets whose compromise can disrupt hardware production and customer IP.
Japan's Sojitz looks to Southeast Asia in search of new rare-earth supply sources
A security ops primer warns that backups are useless unless restores are tested and immune to attacker tampering. The article describes real-world ransomware tactics—threat actors escalate privileges, hunt for backup servers (Veeam, Rubrik, Datto), delete Volume Shadow Copies, format NAS, and encrypt backups after dismantling recovery options. The recommended fix is immutable backups and an updated 3-2-1-1 rule: three copies, two media, one offsite, and one immutable. Practical guidance includes using cloud Object Lock/WORM storage (e.g., AWS S3 Object Lock in Compliance Mode) and example Terraform to create a versioned, locked S3 bucket with a retention window. The piece stresses testing restores and architecting air-gapped, tamper-resistant recovery paths.
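A versioned bucket with Object Lock in Compliance Mode, of the kind the primer describes, can be declared as below. This is an added example, not the Terraform from that article; the bucket name, the 30-day retention window and the provider version constraint are assumptions.

```hcl
# Added example: bucket name, retention window and provider version are assumptions.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 4.0" # the separate versioning / object-lock resources need provider v4+
    }
  }
}

variable "backup_bucket_name" {
  type        = string
  description = "Placeholder name for the bucket that holds the immutable copy"
  default     = "example-immutable-backups"
}

variable "retention_days" {
  type        = number
  description = "Assumed retention window; size it to your own recovery requirement"
  default     = 30
}

# Object Lock is requested when the bucket is created.
resource "aws_s3_bucket" "backups" {
  bucket              = var.backup_bucket_name
  object_lock_enabled = true
}

# Object Lock only works on versioned buckets; a "delete" then adds a
# delete marker instead of destroying the locked object version.
resource "aws_s3_bucket_versioning" "backups" {
  bucket = aws_s3_bucket.backups.id
  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_object_lock_configuration" "backups" {
  bucket     = aws_s3_bucket.backups.id
  depends_on = [aws_s3_bucket_versioning.backups]

  rule {
    default_retention {
      # Weak setting: mode = "GOVERNANCE" can be bypassed by any principal
      # holding s3:BypassGovernanceRetention, so stolen admin credentials defeat it.
      # COMPLIANCE cannot be shortened or removed by any user, root included.
      mode = "COMPLIANCE"
      days = var.retention_days
    }
  }
}
```

Because a Compliance Mode retention period cannot be shortened once objects are written, trial the configuration with a short window in a non-production account first.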
Two fledgling ransomware groups have turned on each other after 0APT threatened to expose personnel allegedly linked to rival gang Krybit and leaked sample data as leverage for payment. Dark-web observers first noticed the feud after 0APT posted identity photos, names, locations and plaintext credentials it claimed were from Krybit, plus five cryptocurrency addresses; Krybit’s site went offline with a temporary splash page. Security firm Halcyon warns 0APT shows credible technical depth and listed many alleged victims early on, though some claims may be inflated. Analysts note criminal-on-criminal leaks undermine the usual reputational leverage ransomware gangs use, but do carry risk because operators fiercely guard their anonymity.