November 1, 2021

Canadian province of Newfoundland and Labrador healthcare providers hit by possible ransomware attack

On Saturday 30th of October 2021, healthcare providers and hospitals from the Canadian province of Newfoundland and Labrador experienced a possible ransomware attack. The attack led to the regional health systems having to shut down their networks and thousands of medical appointments were cancelled because of the outage. It has been confirmed that the outage is a result of a […]
October 30, 2021

Chaos ransomware variant targets Minecraft players in Japan

On Thursday 28th of October 2021, cyber security researchers from FortiGuard Labs released a report revealing they had recently discovered variant of the Chaos ransomware that is being used to target Minecraft players in Japan. The FortiGuard Labs researchers have stated that this variant is unique due to the fact they not only encrypt certain files of a size smaller […]
October 26, 2021

FBI releases flash alert against Ranzy Locker ransomware

On Monday 25th of October 2021, the United States Federal Bureau of Investigation (FBI) announced that Ranzy Locker ransomware operators have compromised at least 30 US companies this year from various industry sectors. In a TLP: WHITE flash alert, the FBI states that the victims of the Ranzy Locker ransomware attacks included “the construction subsector of the critical manufacturing sector, […]
October 22, 2021

All extortion gangs called on to attack US interests by Groove ransomware gang

On Friday 22nd of October 2021, the Groove ransomware gang released a Russian blog post in Russian which calls for all other ransomware operations to target US interests. This blog comes about after REvil was taken down because of an international law enforcement operation that included support from the FBI. “I urge not to attack Chinese companies, because where do […]
October 21, 2021

Evil Corp launch new Macaw Locker ransomware to evade US sanctions

Recently, a new ransomware called Macaw Locker launched by Evil Corp, has entered the ransomware space. It is believed that Evil Corp have released this new ransomware to evade US sanctions that prevent victims from making ransom payments. This is not the first time that Evil Corp have released a new ransomware to evade the US sanctions that were placed […]
October 18, 2021

Attacks on ten Israeli hospitals attributed to Chinese threat actors

On the 17th of October 2021, the Ministry of Health and the National Cyber Directorate in Israel released a joint announcement details a spike in ransomware attacks over the weekend of the 16th that has seen by targeting systems of nine health institutes in Israel. The Israeli government have stated that the attempts had resulted in no damage to the […]
October 17, 2021

REvil ransomware group’s Tor sites shut down after being hijacked

On the 17th of October 2021, the Tor sites of REvil ransomware gang went offline after an unknown person hijacked the Tor onion domains with the same private keys as REvil’s Tor sites and may have backups of the sites. One of the threat actors “0_neday”, affiliated with the REvil operation has confirmed that someone has hijack the ransomware gang’s […]
September 24, 2021

Disruptions to major European call center provider- Covisian after Conti Ransomware attack

On Saturday 18th of September 2021, GSS, the Spanish and Latin America division of Covisian was hit by a ransomware attack by the Conti ransomware gang. The attack led to them having to shut down a large portion of their IT systems and led to disruptions to call centers across its Spanish-speaking client base. Some of the impacted clients included […]
September 22, 2021

IT systems of Crystal Valley Cooperative brought down due to ransomware attack

On the 19th of September 2021, Crystal Valley experienced a ransomware attack that led to them having to shut down their IT systems and resulting in payments being paid to the farm supply and grain marketing cooperative via Visa, Mastercard and Discover Credit cards were stopped. Currently it is unknown which ransomware group are behind the attack. “On Sunday, September […]