July 29, 2022

Microsoft draws connections between Raspberry Robin malware and Evil Corp attacks

On Thursday 28th of July 2022, Microsoft researchers revealed that an access broker (DEV-0206) they have been tracking has been observed using the Raspberry Robin Windows worm to deploy a malware downloader on networks as well as showing signs of Evil Corp pre-ransomware deploy tactics. According to Microsoft’s threat intelligence advisory, they have found Raspberry Robin malware on the networks of hundreds […]
July 27, 2022

LockBit make wrong claim about an attack on the Italian Revenue Agency

After LockBit’s claim of attacking the Italian Revenue Agency on the 25th, an investigation done by the Red Hot Cyber (RHC) open-news project has revealed that the stolen data is from another Italian organisation, GESIS Srl. The investigation discovered that the threat actor who stole the data was an affiliate and when asked if they were sure that the data […]
July 26, 2022

WordFly experiences a ransomware attack, resulting in the loss of stolen data

On Sunday 10th of July 2022, WordFly, a major mailing list provider experienced a ransomware attack which resulted in the WordFly website being taken offline as well as data related to their clients being stolen. In an announcement released on Tuesday 19th of July 2022, WordFly stated that their engineering team discovered a network disruption on Sunday 10th of July […]
July 25, 2022

LockBit ransomware group claim to have stolen 78 GB of files from the Italian Revenue Agency

On Monday 25th of July 2022, the LockBit ransomware group listed the Agenzia delle Entrate (Italian Revenue Agency) on their data leak site where they claimed to have stolen 78GB of data and are threatening to leak the allegedly stolen data if a ransom isn’t paid by Sunday 31st of July 2022. LockBit has claimed that the allegedly stolen data […]
July 25, 2022

St. Marys, a small Canadian town hit by LockBit ransomware

On Wednesday 20th of July 2022, the Canadian town of St. Marys in Ontario experienced a ransomware attack that locked staff out of internal systems and encrypted data. The incident has been claimed by the LockBit ransomware group who posted a listing on their data leak site as well as provided some of the screenshots of the stolen files as […]
July 22, 2022

Ransomware gang breaches digital security giant Entrust

On Wednesday 6th of July 2022, Entrust, a digital security giant confirmed that it experienced a cyberattack that occurred on Saturday 18th of June 2022, where threat actors breached their network and stole corporate data from internal systems. The confirmation of the incident was announced to Entrust’s customers via a security notice. The customers who could be affected by the […]
July 21, 2022

New Redeemer ransomware version promoted on hacker forums

Recently, the author of the ‘Redeemer’ ransomware has been seen promoting the latest version of the free-to-use C++ ransomware on hacker forums which provides amateur and unskilled threat actors with the opportunity to enter the market of ransomware. In the post by the author, the new version 2.0 works on Windows Vista, 7, 8, 10, and 11, and has many […]
July 20, 2022

Kaspersky reveals new Luna ransomware can encrypt Windows, Linux, and ESXi systems

On Wednesday 20th of July 2020, Kaspersky security researchers revealed a new ransomware family named Luna which can be used to encrypt devices running several operating systems, including Windows, Linux, and ESXi systems. The new ransomware family was discovered via a dark web ransomware forum ad which revealed that the Luna ransomware appears to be specifically tailored to be used […]
July 20, 2022

U.S. Department of Justice announces the seizure of $500,000 ransom payments made to Maui ransomware

On Tuesday 19th of July 2022, the U.S. Department of Justice announced the seizure of paid ransom payments totalled at approximately $500,000 in Bitcoin. These ransoms was paid by American health care providers to the operators of the Maui ransomware strain. It was revealed that as soon as the discovery of the ransomware strain was found, a Kansas hospital reported a […]