November 19, 2021

US federal bank regulators approve new rule ordering banks to report cyberattacks within 36 hours

On Thursday 18th of November 2021, US federal bank regulatory agencies approved a new rule that requires banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Currently banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial […]
November 17, 2021

US releases joint advisory warning companies of Iranian APT group that has been involved in ransomware attacks

On Wednesday 17th of November 2021, Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) released a joint cybersecurity advisory where they warned of ongoing malicious cyber activity that FBI, CISA, ACSC, and NCSC have observed and associated with an advanced persistent threat (APT) group that is […]
November 15, 2021

Cyber security research groups observe signs of Emotet malware returning and rebuilding its botnet via TrickBot

On Monday 15th of November 2021, Emotet research groups Cryptolaemus, GData, and Advanced Intel started to observe the TrickBot malware dropping a loader for Emotet on infected devices. The Emotet malware was considered the most widely spread malware in the past although at the start of the year, it was taken down by an international law enforcement action coordinated by Europol […]
November 15, 2021

Israeli organisations are being targeted and disrupted by Moses Staff with ransomless encryptions

In the recent weeks, a new hacker group called Moses Staff has been recently claiming responsibility for multiple attacks against Israeli entities, where they have gaining access to networks and systems owned by Israeli organisations and encrypt the files on the systems before leaking copies of the stolen files to the public. Based on the attacks that they have conducted […]
November 12, 2021

Customers urged to change passwords after German medical software vendor Medatixx experiences ransomware attack

On Friday 12th of November 2021, Medatixx, a German medical software vendor who provides medical software to over 21,000 health institutions, announced they had experienced a ransomware attack which has led to their operations being shut down. Shortly after the attack, they urged their customers and users to change their application passwords and passwords to all their workstations and servers […]
November 9, 2021

Europe’s largest consumer electronics retailer, MediaMarkt suffers ransomware attack

On Monday 8th of November 2021, MediaMarkt, Europe’s largest consumer electronics retailer experienced a ransomware attack which has led to IT systems being shut down and disrupts to stores in Netherlands, Germany, Belgium and Luxembourg. No ransomware gang has been named yet. Although a MediaMarkt spokesperson has confirmed that the company had been hit by a cyber-attack on the morning […]
November 3, 2021

BlackMatter affiliates move to LockBit to continue extortion of BlackMatter ransomware victims after BlackMatter shutdown

With the threat actors behind BlackMatter Ransomware announcing they were shutting down on Monday 1st of November 2021, the remaining affiliates have been moving their victims to the competing ransomware gang. LockBit to continue the extortion of their victims. This has been proven by the fact that in existing BlackMatter negotiation chats to victims, affiliates are now providing victims links […]
November 3, 2021

UK Labour Party announce data breach after being informed of ransomware attack

On Wednesday 3rd of November 2021, the Labour Party, a political party in the United Kingdom released a statement that revealed on 29th October 2021, they were contacted by a third party about a cyber incident that had resulted in a large volume of the Party’s data being made inaccessible. “We were informed of the cyber incident by the third […]
November 3, 2021

BlackMatter ransomware gang announce the shutdown of operations due to pressure from authorities

On Monday 1st of November 2021, the threat actors behind the BlackMatter Ransomware released an announcement on their ransomware-as-a-service (RaaS) website which is used by their affiliates to communicate with the core ransomware operators and receive support during operations. The announcement stated that the operation was going to shut down after 48 hours of the release of the announcement. Due […]