August 22, 2022

Greece’s largest natural gas distributor suffers a data breach and disruptions following an attack by the Ragnar Locker ransomware gang

On Saturday 20th of August 2022, Greece’s largest natural gas distributor, DESFA released a statement confirming that they suffered a data breach and IT system outage following a cyberattack. Although due to the quick response of its IT team, the intrusion was limited. However, some files and data were accessed and could be possibly exfiltrated so there is the risk […]
August 16, 2022

Clop ransomware group attacked UK water supplier but extorted the wrong company

On Monday 15th of August 2022, South Staffordshire confirmed that they had experienced IT disruption from a cyberattack. The released announcement explained that the safety and water distribution systems are still operational and therefore there is no impact on the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water. “This is […]
August 15, 2022

PLAY ransomware hits Argentina’s Judiciary of Córdoba

On Saturday 13th of August 2022, Argentina’s Judiciary of Córdoba experienced a ransomware attack that resulted in them having to shut down its IT systems. The shutdown also resulted in the use of pen and paper for submitting official documents. Argentina’s Judiciary of Córdoba has confirmed they were hit by ransomware and have engaged with Microsoft, Cisco, Trend Micro, and […]
August 11, 2022

UK NHS services still recovering after ransomware attack against British MSP

On Thursday 4th of August 2022, Advanced, a British managed service provider (MSP) suffered a ransomware attack that occurred in the early morning. The incident resulted in seven of the solutions that Advanced offer being impacted. One of Advanced’s main customers was United Kingdom’s National Health Service (NHS) where emergency services (111) were disrupted due to the incident. When the […]
August 10, 2022

7-Eleven Denmark confirms store closures as a result of a ransomware attack

On Monday 8th of August 2022, 7-Eleven Denmark experienced a ransomware attack that resulted in the closure of 175 stores across Denmark as they were not able to accept payment or use their cash register. The incident was confirmed via a statement on Facebook. “This is a so-called ransomware attack, where the criminals have forced access to the network and […]
August 6, 2022

New GwisinLocker ransomware can target and encrypt Windows and Linux ESXi servers

This week, cybersecurity researchers at Ahnlab and ReversingLabs released reports on the new ransomware family called ‘GwisinLocker’ which has been seen targetting South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors. The reports also highlighted that these encryptors have support for encrypting VMware ESXi servers and virtual machines as well as using AES symmetric-key encryption with SHA256 […]
August 2, 2022

German power electronics manufacturer Semikron experiences LV ransomware attack

On Monday 1st of August, the German power electronics manufacturer Semikron revealed they had experienced a ransomware attack that partially encrypted the company’s network as well as data being allegedly stolen. According to an alert issued by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik), the ransomware operators are blackmailing the company and threatening to […]
August 2, 2022

Spain’s Higher Council for Scientific Research experiences a ransomware attack

On Tuesday 2nd of August 2022, Spain’s Higher Council for Scientific Research (CSIC) experienced a ransomware attack on Saturday 16th and Sunday 17th of July 2022 which resulted in multiple centers being cut off from the Council’s network in an attempt to stop the spread of the ransomware. The incident was detected on Monday 18th of July 2022 and the […]
July 14, 2022

Holy Ghost ransomware operation linked to North Korean threat actors by Microsoft

On Thursday, 14th of July 2022, researchers at Microsoft Threat Intelligence Center (MSTIC) released a report which revealed they had been tracking the Holy Ghost ransomware gang which they have connected with North Korea. The Holy Ghost ransomware gang has been active for over a year but it has struggled to be as successful as other gangs. While Microsoft has […]
Prev page
123456789101112131415
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.