Canadian snowmobile, motorcycle, and ATV manufacturer Bombardier Recreational Products has been hit by a ransomware attack earlier this month, which has since been claimed by the RansomEXX ransomware group, reports BleepingComputer.
All BRP operations have been temporarily disrupted by the "malicious cyberactivity" first reported by the company on Aug. 8 but production at four manufacturing sites in Canada, the U.S., Austria, and Finland resumed a week later.
Threat actors behind the attack were able to infiltrate the company's internal systems through a supply chain attack, according to BRP.
Meanwhile, BRP has been listed on the leak site of the RansomEXX ransomware gang on Tuesday, with the ransomware group also leaking 29.9 GB of stolen files, including non-disclosure agreements, material supply deals, contract renewals, passports, and IDs.
BRP has already confirmed the legitimacy of the exposed documents and noted that employees who may have been affected were already notified.
"Based on the current status of its investigation, BRP also believes that the compromised information relating to certain of its suppliers is limited in quantity and sensitivity, and is in the process of contacting them," added the company.
Operations of California's Solano Partner Libraries and St. Helena, or SPLASH, continue to be interrupted weeks after the county's library network was targeted by a ransomware attack earlier this month, StateScoop reports.
Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.
Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.