August 11, 2022

FBI releases joint cybersecurity advisory against Zeppelin ransomware

On Thursday 11th of August 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE cybersecurity advisory which revealed threat actors have been using the Zeppelin ransomware from 2019 through to at least June 2022 where a wide range of businesses and critical infrastructure organisations have been targeted, including defence contractors, educational institutions, manufacturers, technology companies, and […]
August 11, 2022

UK NHS services still recovering after ransomware attack against British MSP

On Thursday 4th of August 2022, Advanced, a British managed service provider (MSP) suffered a ransomware attack that occurred in the early morning. The incident resulted in seven of the solutions that Advanced offer being impacted. One of Advanced’s main customers was United Kingdom’s National Health Service (NHS) where emergency services (111) were disrupted due to the incident. When the […]
August 10, 2022

Cisco confirms attack by Yanluowang ransomware gang

On Wednesday 10th of August 2022, Cisco confirmed the Yanluowang ransomware group had breached its corporate network in late May and that the ransomware group tried to extort them under the threat of leaking stolen files online. Although Cisco confirmed that the incident had no impact on their business operations. This confirmation was released in a response to the Yanluowang […]
August 10, 2022

7-Eleven Denmark confirms store closures as a result of a ransomware attack

On Monday 8th of August 2022, 7-Eleven Denmark experienced a ransomware attack that resulted in the closure of 175 stores across Denmark as they were not able to accept payment or use their cash register. The incident was confirmed via a statement on Facebook. “This is a so-called ransomware attack, where the criminals have forced access to the network and […]
August 6, 2022

New GwisinLocker ransomware can target and encrypt Windows and Linux ESXi servers

This week, cybersecurity researchers at Ahnlab and ReversingLabs released reports on the new ransomware family called ‘GwisinLocker’ which has been seen targetting South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors. The reports also highlighted that these encryptors have support for encrypting VMware ESXi servers and virtual machines as well as using AES symmetric-key encryption with SHA256 […]
August 4, 2022

Highly disruptive cyberattack hits German Chambers of Industry and Commerce

On Thursday 4th of August, the Association of German Chambers of Industry and Commerce (DIHK) announced they had to shut down all of its IT systems and switch off digital services, telephones, and email servers, in response to a cyberattack to provide the IT teams time to resolve the incident and restore services. Some services have gradually become available again […]
August 2, 2022

German power electronics manufacturer Semikron experiences LV ransomware attack

On Monday 1st of August, the German power electronics manufacturer Semikron revealed they had experienced a ransomware attack that partially encrypted the company’s network as well as data being allegedly stolen. According to an alert issued by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik), the ransomware operators are blackmailing the company and threatening to […]
August 1, 2022

BlackCat ransomware claims responsibility for an attack against a European gas pipeline

On Monday 25th of July 2022, the Encevo Group announced that two entities of the group had been victims of a cyber attack that occurred between Friday 22nd and Saturday 23rd of July 2022. The incident involved the customer portals becoming unavailable although, there were no interruptions to the supply of electricity and gas. A further update posted on Thursday […]
July 29, 2022

Microsoft draws connections between Raspberry Robin malware and Evil Corp attacks

On Thursday 28th of July 2022, Microsoft researchers revealed that an access broker (DEV-0206) they have been tracking has been observed using the Raspberry Robin Windows worm to deploy a malware downloader on networks as well as showing signs of Evil Corp pre-ransomware deploy tactics. According to Microsoft’s threat intelligence advisory, they have found Raspberry Robin malware on the networks of hundreds […]
Prev page
1234567891011121314151617181920212223242526272829
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.