February 10, 2023

A10 Networks confirms Play ransomware attack

Earlier this week, A10 Networks, a USA-based networking hardware manufacturer confirmed that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data. A10 Networks stated that the incident occurred on Monday 23rd of January 2023, which lasted for a few hours before its IT team managed to stop the intrusion. Following an investigation into the incident, […]
February 10, 2023

The City of Oakland confirms systems are offline after a ransomware attack

On Wednesday 8th of February 2023, the local government of the City of Oakland was hit by a ransomware attack that resulted in them having to take all systems offline until the network is secured and affected services are brought back online. Even though they had to take all systems offline, the city has confirmed that the attack has not […]
February 10, 2023

CISA releases cybersecurity advisory against North Korean ransomware activity

On Thursday 9th of February 2023, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) released a new cybersecurity advisory that describes recently observed tactics, techniques, and procedures (TTPs) observed with North Korean ransomware operations against public health and other critical infrastructure sectors. The advisory also noted that the funds that were extorted, were being used to support the North Korean […]
February 9, 2023

US and UK announce sanction against TrickBot and Conti ransomware members

On Thursday 9th of February 2023, the United States and the United Kingdom sanctioned seven individuals for their involvement in the TrickBot malware operation. This sanction is the first of its kind for the UK to disrupt Russian cybercrime and ransomware. As a result of these sanctions, all property and funds in the United States and the United Kingdom belonging […]
February 8, 2023

Pharmaceutical distributor AmerisourceBergen confirms subsidiary data breach

This week, the Pharmaceutical distributor AmerisourceBergen confirmed that they suffered a cyber attack against one of its subsidiaries following the Lorenz ransomware gang listing AmerisourceBergen with allegedly stolen data on its extortion site. AmerisourceBergen also confirmed that the threat actors compromised the IT system of the targeted subsidiary which could have given the ransomware group a chance to exfiltrate data […]
February 2, 2023

LockBit ransomware group claim a cyber attack against ION Group

On the 31st of January 2023, ION Group, a UK-based software company that provides products to financial institutions, banks, and corporations for trading, investment management, and market analytics, disclosed that they had been targeted by a cyber attack that impacted their ION Cleared Derivatives. As a result of the attack, all the affected servers are disconnected which led to a […]
February 1, 2023

LockBit ransomware group announce a new encryptor based on the leaked source code of Conti ransomware

This week, it was revealed that the LockBit ransomware gang has released their latest encryptor named “LockBit Green”. After analyse by cyber security analysts and information disclosed by the ransomware group, it has been revealed that the new encryptor “LockBit Green” is based on the leaked source code of the former Conti ransomware. Furthermore, the cybersecurity firm PRODAFT stated that […]
February 1, 2023

Arnold Clark reveal that customer data was stolen in a cyber attack claimed by Play ransomware

This week, the self-described as Europe’s largest independent car retailer, Arnold Clark notified some of its customers that their personal information was stolen in a cyber attack on the 23rd of December 2022 that was claimed by the Play ransomware group. It is believed that the stolen data includes ID information and banking details. In response to the cyber attack, […]
January 26, 2023

US Department of Justice announce an international law enforcement operation against the Hive ransomware operation

On the 26th of January 2023, the US Department of Justice along with the FBI and Europol announced an international law enforcement operation against the Hive ransomware operation which resulted in the Hive ransomware operation’s Tor payment and data leak sites being seized. The law enforcement operation involved the FBI and other international partners secretly infiltrating the Hive ransomware gang’s […]