CyberSecurityBoard
Sponsor Register Login

New Zipline Campaign Attacks Critical Manufacturing Companies

A new cyber espionage campaign named Zipline has been identified targeting critical manufacturing companies worldwide. This campaign employs sophisticated tactics to infiltrate and compromise manufacturing networks, aiming to steal sensitive intellectual property and disrupt operations. The attackers use a combination of spear-phishing emails and custom malware to gain initial access and maintain persistence within targeted environments. Zipline's operators are believed to be a well-resourced threat group with a focus on industrial espionage. The campaign highlights the increasing risks faced by the manufacturing sector, which is becoming a prime target for cybercriminals due to its critical role in global supply chains. Organizations are urged to enhance their cybersecurity posture by implementing robust email filtering, network segmentation, and continuous monitoring to detect and respond to such threats promptly. This article delves into the tactics, techniques, and procedures (TTPs) employed by the Zipline campaign, the potential impact on affected companies, and recommended mitigation strategies to safeguard against similar attacks in the future.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 27 Aug 2025 10:20:16 +0000


Cyber News related to New Zipline Campaign Attacks Critical Manufacturing Companies

Black Kite Research Reveals 80% Of Manufacturing Companies Face Critical Cyber Vulnerabilities - Due to its critical nature, the manufacturing industry is a prime target for bad actors to exploit, said Ferhat Dikbiyik, Black Kite’s chief research and intelligence officer. Black Kite’s data reveals that manufacturing was the top industry ...
10 months ago Informationsecuritybuzz.com
New Zipline Campaign Attacks Critical Manufacturing Companies - A new cyber espionage campaign named Zipline has been identified targeting critical manufacturing companies worldwide. This campaign employs sophisticated tactics to infiltrate and compromise manufacturing networks, aiming to steal sensitive ...
6 days ago Cybersecuritynews.com Zipline
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Worried about job security, cyber teams hide security incidents - Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. The research reveals that 40% of cyber teams have not reported a cyber incident out of fear of losing their jobs - a ...
1 year ago Helpnetsecurity.com
CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
8 years ago
Tracking Cybersecurity Progress at Industrial Companies - Although cybersecurity has become a priority at many manufacturing companies, risks have increased at the same time. To better understand how companies are addressing heightened risks, Manufacturers Alliance and Fortinet partnered to study the ...
1 year ago Feeds.fortinet.com Equation
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
1 year ago Feeds.dzone.com
Cybersecurity funding in 2024: Survival of the financially fittest - Attacker tactics, techniques, and procedures always evolve, which means companies will need new cybersecurity tools with improved capabilities. Cybersecurity startups raised massive rounds of funding with sometimes exorbitant valuations. ...
1 year ago Scmagazine.com
Threat Actors Actively Attacking Semiconductor Companies With 0-Day Exploits - In a concerning development for the global technology supply chain, sophisticated threat actors have launched a coordinated campaign exploiting previously unknown vulnerabilities in critical semiconductor manufacturing systems. “We’ve ...
4 months ago Cybersecuritynews.com
Manufacturers Rank as Ransomware's Biggest Target - When one operation or company in the chain gets attacked, it can lead to a domino effect and "cascading operational disruption and financial and reputational damage." In short — when threat actors target both manufacturing and supply ...
11 months ago Darkreading.com
SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022 - MSSPs took the lead in cybersecurity M&A in 2022 with twice as many deals as in 2021. An analysis conducted by SecurityWeek shows that more than 450 cybersecurity-related mergers and acquisitions were announced in 2022. In 2022, we tracked a total of ...
2 years ago Securityweek.com
Iranian APTs Hackers Actively Attacking Transportation and Manufacturing Sectors - This aggressive campaign has prompted urgent warnings from the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Homeland Security, highlighting the critical need for enhanced security measures across industrial and ...
1 month ago Cybersecuritynews.com MuddyWater OilRig APT3 APT33
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
1 year ago Darkreading.com LockBit
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
1 year ago Darkreading.com
FTC Warns AI Companies About Changing Policies to Leverage User Data - The Federal Trade Commission is warning AI companies against secretly changing their security and privacy policies in hopes of leveraging the data they collect from customers to feed models they use to develop their products and services. ...
1 year ago Securityboulevard.com
Digital Technologies Power Global Operations but Present Growing Risks - As more and more industries and businesses turn to digital technologies in order to power their operations, cyber-attacks present a larger and more widespread threat for organizations and enterprises all over the world. The frequency and severity of ...
1 year ago Cyberdefensemagazine.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
1 year ago Darkreading.com
Apple Move iPad Engineering To Vietnam - Fresh reports of Apple shifting manufacturing from China, with iPad product development resources relocated to Vietnam. Apple continues to strengthen its manufacturing and development capabilities outside of mainland China, according to recent media ...
1 year ago Silicon.co.uk
Russian Hackers Likely Not Involved in Attacks on Denmark's Critical Infrastructure - Russian state-sponsored APT actor Sandworm might have not been involved in last year's massive attack campaign against Denmark's critical infrastructure, cybersecurity firm Forescout says. The assaults occurred in May 2023 and resulted in the ...
1 year ago Securityweek.com CVE-2023-28771 CVE-2023-33009 CVE-2023-33010 CVE-2023-27881
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
1 year ago Techrepublic.com
OT Cybersecurity for Automotive Industry - OT systems are ubiquitous across all critical infrastructure industries, such as Oil and Gas, Automotive, Energy, Water Utilities, and Transportation. OT infrastructure is very vital to any nation's security to ensure the delivery of essential ...
1 year ago Feeds.dzone.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
Protecting Critical Infrastructure Means Getting Back to Basics - Critical infrastructure organizations are undergoing dramatic changes in their technology and cybersecurity landscapes that make them both more efficient and more vulnerable. Nation-state actors and cybercriminals increasingly are targeting the ...
1 year ago Darkreading.com
Zipline Phishers Target Victims’ Email First - The article discusses a phishing campaign linked to the Zipline threat group, which uniquely targets victims' email accounts first to maximize the impact of their attacks. This approach allows attackers to gain early access to sensitive ...
6 days ago Darkreading.com Zipline
Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next - PRESS RELEASE. Woburn, MA - April 16, 2024 - Today Kaspersky introduced its new flagship product line, Kaspersky Next, combining robust endpoint protection with the transparency and speed of EDR, alongside the visibility and powerful tools of XDR. ...
1 year ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)