March 22, 2022

IT systems of top Russian meat producer, Miratorg encrypted by threat actors using the Windows BitLocker feature

On Thursday 17th of March 2022, an announcement by Rosselkhoznadzor, the Russian federal veterinary and phytosanitary supervision service revealed that Miratorg Agribusiness Holding, Moscow-based meat producer and distributor has experienced a cyberattack which resulted in their IT systems being encrypted using the Windows BitLocker feature to encrypt files and therefore having a similar impact of a ransomware attack. Rosselkhoznadzor stated […]
March 22, 2022

Greece’s state-own provider of postal services brought offline due to ransomware attack

On Sunday 20th of March 2022, ELTA, the state-owned provider of postal services in Greece suffered ransomware attack which has resulted in most of the organization’s services being taken offline. ELTA disclosed the incident on Monday 21st of March 2022 where they stated the cause of the disruption to their services was in response to a cyber-attack that occurred on […]
March 21, 2022

RansomExx ransomware group conducts ransomware attack against the Scottish Association for Mental Health

On Thursday 17th of March 2022, Scottish Association for Mental Health (SAMH), a Scottish mental health charity suffered a ransomware attack which resulted in their email system at both national and local offices being affected as well as some of their phone lines being taken down. In an announcement on Monday 21st March 2022, Chief Executive Billy Watson released an […]
March 14, 2022

Recent Google threat report exposes access broker linked to Conti and Diavol ransomware operations

This week, Google’s Threat Analysis Group has exposed the operations of EXOTIC LILY threat group who are believed to be an initial access broker linked to the Conti and Diavol ransomware operations. They were first spotted when they were exploiting a zero-day vulnerability in Microsoft MSHTML and then based on further investigations, it was determined that they were using large-scale […]
March 14, 2022

DENSO, automotive components giant breached by the new Pandora ransomware gang

On Thursday 10th of March 2022, DENSO, one of the world’s largest automotive components manufacturers suffered a cyber-attack by the new Pandora ransomware gang which has led to a data breach. DENSO has confirmed that their corporate network in Germany was breached but there has been no impact on any production plants or facilities. On Sunday 13th of March 2022, […]
March 11, 2022

Bridgestone Americas confirms ransomware attack by LockBit ransomware gang

On Friday 11th of March 2022, the LockBit ransomware gang announced they had attacked Bridgestone which is the one of the largest manufacturers of tires in the world. Bridgestone had stated back on Sunday 27th of February that they were investigating a potential cyber-attack incident which has been detected in the morning of the 27th of February. But no details […]
March 10, 2022

REvil ransomware affiliate extradited to U.S. to stand trial for Kaseya attack

It has been announced that Yaroslav Vasinskyi, an alleged REvil ransomware affiliate has been extradited to the United States last week to stand trial for the Kaseya cyberattack. He was originally arrested on October 8th of 2021 when he was attempting to enter Poland from his native country of Ukraine. Shortly after his arrest, the U.S. Department of Justice announced […]
March 9, 2022

Updated Conti ransomware alert by CISA announce Conti’s involvement in over 1000 attacks

On Wednesday 9th of March 2022, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. The initial advisory was released on Wednesday 22nd of September 2021 and stated that they had observed Conti ransomware being used in more than 400 attacks on U.S. […]
March 7, 2022

FBI releases flash alert against RagnarLocker ransomware

On Monday 7th of March 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE flash alert revealed that RagnarLocker ransomware gang has breached the networks of at least 52 organizations across 10 critical infrastructure sectors. These affected sectors include “entities in the critical manufacturing, energy, financial services, government, and information technology sectors”. This flash alert was […]