September 10, 2022

A growing number of ransomware gangs adopting new intermittent encryption tactic

In recent months, a growing number of ransomware groups have been observing using a new tactic, intermittent encryption that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. This involves encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor and key. This tactic […]
September 6, 2022

FBI releases joint advisory warning of Vice Society ransomware attacks on school districts

On Tuesday 6th of September 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE cybersecurity advisory which revealed that multiple agencies have observed Vice Society threat actors disproportionately targeting the education sector with ransomware attacks. The impacts of ransomware attacks against the education sectors have ranged from restricted access to networks and data, delayed exams, cancelled […]
September 6, 2022

Second largest U.S. school district LAUSD experiences disrupt from ransomware

On Tuesday 6th of September 2022, Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend. The incident has been reported to law enforcement and federal agencies and LAUSD is now working with those agencies as part of an ongoing investigation and incident response. […]
September 2, 2022

Italian energy agency GSE hit by BlackCat ransomware group

On the Sunday night of the 28th of August 2022, Italy’s energy agency, Gestore dei Servizi Energetici SpA he experienced a ransomware attack by the BlackCat/ALPHV ransomware gang who claimed responsibility for the attack. It has been reported that GSE’s website and systems were taken down to block the threat actors from gaining access to the data on GSE’s systems. […]
September 2, 2022

Hive ransomware group demands $2 million from Damart clothing store after ransomware attack

On Monday 15th of August 2022, Damart, a French clothing company published a message about unscheduled maintenance on the homepage of its online store. It was later revealed the unscheduled maintenance was due to Damart having to take proactive actions to contain a ransomware attack by the Hive ransomware group. The attack resulted in some of the company’s systems being […]
September 1, 2022

Government of Montenegro confirms ransomware attack, Cuba ransomware group claim responsible

On Wednesday 31st of August 2022, the government of Montenegro confirmed that ransomware was responsible for the damage and disruptions that have impacted its critical infrastructure. Public Administration Minister Maras Dukaj stated on local television that an organised cybercrime group was behind the attack. The minister was quoted saying that a “special virus” is used in the attack and there […]
August 31, 2022

Ragnar Locker ransomware claims attack on TAP Air Portugal

On the night of Thursday 25th of August, TAP Air Portugal, the flag carrier of Portugal, disclosed that their systems were hit by a cyber attack which resulted in their website and app being unavailable. The company stated that the attack had been blocked and added that it found no evidence indicating the attackers gained access to customer information stored […]
August 29, 2022

Baker & Taylor, a leading library services firm confirms the ransomware attack

On Tuesday 23rd of August 2022, Baker & Taylor, a leading distributor of books to libraries around the world, confirmed that they experienced a ransomware attack which resulted in Baker & Taylor’s servers being taken down after an outage that impacted the company’s phone systems, offices, and service centres. “As an update, the source of the disruption is a ransomware […]
August 24, 2022

The attack against Bombardier RecreationalProducts claimed by the RansomEXX ransomware group

On Monday 8th of August 2022, Bombardier Recreational Products (BRP), a Canadian maker of Ski-Doo snowmobiles, Sea-Doo jet skis, ATVs, motorcycles, watercraft, and Rotax engines confirmed that they were a target of a cyber attack which resulted in Bombardier Recreational Products taking immediate measures that suspended their operations temporarily. On Monday 15th of August 2022, Bombardier Recreational Products provided an […]