Building automation giant Johnson Controls hit by ransomware attack

October 18, 2023 Audrey

Johnson Controls International has suffered what is described as a huge ransomware attack that encrypted lots of of the corporation devices, including VMware ESXi servers, impacting the company’s and its subsidiaries’ functions.

Johnson Controls is a multinational conglomerate that develops and manufactures industrial manage techniques, safety tools, air conditioners, and hearth safety equipment.

The company employs 100,000 people today by means of its corporate operations and subsidiaries, like York, Tyco, Luxaire, Coleman, Ruskin, Grinnel, and Simplex.

A weekend cyberattack

Yesterday, a source explained to BleepingComputer that Johnson Controls endured a ransomware attack soon after initially staying breached at its Asia offices.

BleepingComputer has since learned that the corporation endured a cyberattack around the weekend that brought about the firm to shut down portions of its IT programs.

Due to the fact then, many of its subsidiaries, such as York, Simplex, and Ruskin, have started to display specialized outage messages on website login internet pages and shopper portals.

“We are presently dealing with IT outages that might limit some buyer programs these kinds of as the Simplex Buyer Portal,” reads a message on the Simplex web site.

“We are actively mitigating any potential impacts to our products and services and will continue to be in conversation with clients as these outages are resolved.”

Johnson Controls technical outage message on York website — **Johnson Controls technological outage information on York web site**
*Supply: BleepingComputer*

If you have any facts on this attack or other attacks, you can get hold of us confidentially via Signal at 646-961-3731

Clients of York, one more Johnson Controls subsidiary, report that they are getting explained to the company’s units are down, with some stating they have been told it was owing to a cyberattack.

“Their computer system process crashed about the weekend. Manufacturing and all the things is down,” a York customer posted to Reddit.

“I talked to our rep and he explained somebody hacked them,” posted another buyer.

This morning, Nextron Units risk researcher Gameel Ali tweeted a sample of a Dark Angels VMware ESXi encryptor that contains a ransom take note stating it was utilized from Johnson Controls.

Dark Angels ransom note — **Dim Angels ransom take note**
*Source: BleepingComputer*

BleepingComputer has been instructed that the ransom note back links to a negotiation chat wherever the ransomware gang needs $51 million to give a decryptor and to delete stolen data.

The menace actors also claim to have stolen above 27 TB of corporate knowledge and encrypted the company’s VMWare ESXi virtual machines through the assault.

BleepingComputer has contacted Johnson Controls with thoughts regarding the assault but has not received a response.

Following publication of our tale, Johnson Controls verified the cybersecurity incident in a Form 8-K submitting with the SEC, stating that they are functioning with external cybersecurity experts to examine the incident and coordinating with insurers.

“Johnson Controls International plc (the “Company”) has experienced disruptions in portions of its interior info technologies infrastructure and programs ensuing from a cybersecurity incident. Promptly following detecting the difficulty, the Firm began an investigation with guidance from leading external cybersecurity professionals

Chinese Laptop Giant Lenovo Plans A Big Press Into The Metaverse

April 15, 2022 Audrey

An attendee wears a Lenovo augmented actuality headset even though participating in the ‘Star Wars: Jedi Challenges’ … [+] game at a news meeting in Hong Kong on Thursday, Could 24, 2018.

Anthony Kwan/Bloomberg

China’s Lenovo is planning to invest billions of pounds over the subsequent 5 years on investigation and improvement for new technological know-how, such as goods and products and services linked to the quick-rising metaverse space.

R&D workers at the world’s greatest particular personal computer company will perform on “technology which will aid businesses capitalize on the metaverse,” Lenovo reported in a assertion last 7 days. The firm says the investment must support “businesses of all measurements capitalize on new and rising systems like the metaverse.”

The Beijing-dependent enterprise will devote about $15.7 billion on new tech-related R&D above the future 5 decades, claimed Nikkei Asia. Lenovo explained in its statement that it will double R&D financial investment and increase 12,000 professionals above the coming 3 many years for cloud-related investigate. Cloud technology is a likely component of metaverse enhancement.

The metaverse refers to a nascent but exploding digital earth in which people function and play as a result of avatars. The metaverse market place was value about $45 billion in 2020 and could expand to $596 billion by 2027, forecasts Brandessence Sector Investigate. The consultancy points to the booms in mixed truth and on the net education fueling the metaverse’s development.

Lenovo has completed minor with the metaverse to day, notes Brady Wang, Taipei-centered affiliate director with market place investigate organization Counterpoint Exploration. The corporation could enjoy on present strengths to produce servers and cloud-connected technological know-how for the metaverse, he states.

Other metaverse components, this sort of as networking and cryptocurrency, may get off quicker if Lenovo invests right in exterior firms relatively than doing its possess R&D, says Wang. “Every company is diverse in its technique and it is not uncomplicated to entirely rely on oneself,” he provides. “We will not consider connectivity is much too fantastic mainly because Lenovo is not a connectivity corporation, so they’d want to commit in it. For virtual reality, it’s the exact detail.”

Lenovo did not react to a ask for for comment about the company’s ambitions for the metaverse.

Perfecting personal factors of the metaverse rather of pursuing an finish-to-end virtual system will possibly make a “bigger impact” for the likes of Lenovo, suggests Sean Su, an independent tech sector analyst in Taiwan.

Su claims the use of virtual fact to interpret info would particularly stand out. Normally, he states, Lenovo’s strategy would be “exactly the exact same as every person else, a shotgun and a prayer that they will hit upon something terrific.”

Lenovo’s world Personal computer sales that took off around 2012 nonetheless major sector share charts. It was the world’s largest Pc seller in the first quarter with a 22.7% market place share, according to IDC knowledge. Lenovo chairman and CEO Yang Yuanqing was a billionaire until 2016.

Giant Nvidia Leak Keeps Forecasting 2022’s Biggest Games

April 15, 2022 Audrey

Nvidia GeForce streams Kingdom Hearts IV leak right to Watch Dogs hacker's phone. — Image: Ubisoft / Square Enix / Kotaku

Last September, a massive list of potential PC games leaked through Nvidia’s GeForce Now video game streaming service and was posted online. At the time, no one quite knew what to make of it. Was it insider info or speculative placeholders? Now evidence is mounting that at least some of the leak is real with Square Enix officially confirming one of the more eye-catching listings for Kingdom Hearts IV with a splashy reveal over the weekend.

GeForce Now lets players stream games to phones, tablets, and PCs. Launched in 2020, the service has continually been adding support for new games, which requires testing and coordination with publishers and studios. So when dozens of unannounced PC game titles surfaced from its database, people took notice.

Video game storefronts and platforms use placeholders all the time, and the industry’s heavy reliance on sequels and spin-offs means it’s not hard to guess at least some of what publishers are working on at any given moment. Nintendo will make another 3D Mario and Activision will make another Call of Duty. But in some cases the Nvidia leak went deeper than that, using project code names and specifying unlikely remasters and as the confirmations pile up people are starting to take it more seriously.

The Nvidia leak dates back to September 12, 2021. A developer from Ukraine going by Ighor July shared a post on Medium where he detailed how he stumbled onto a phantom list of thousands of GeForce Now games back in May of that year. Unlike other streaming services, GeForce doesn’t actually contain any games. Instead, it helps you stream the ones you already own on services like Steam and Epic Games Store.

July was able to mess around with the backend and accidentally access listings for games that weren’t officially supported by GeForce, as well as a bunch that didn’t even exist. SteamDB operator Pavel Djundik posted the list to Github, and breakouts of the more notable entries were shared on places like the Gaming Leaks and Rumors subreddit.

Nvidia responded a couple days later denying the leaks contained any confirmation of new PC ports or releases:

NVIDIA is aware of an unauthorized published game list, with both released and/or speculative titles, used only for internal tracking and testing. Inclusion on the list is neither confirmation nor an announcement of any game.

NVIDIA took immediate action to remove access to the list. No confidential game builds or personal information were exposed.

One of the games listed was Halo 5, the only Halo not yet on PC. It seemed a reasonable assumption, but 343 Industries immediately shot the rumor down. As the months went on, however, other parts of the leak were vindicated. There are basically four types of Nvidia listings for unannounced games that have since found support in some way: PC ports, remasters, sequels, and unnamed projects.

God of War's Kratos prepares a ritual sacrifice in hopes of getting the next batch of Nvidia leaks. — Screenshot: Sony

One of the most notable