May 5, 2024

North Korea hacking teams hack South Korea defence contractors – police

North Korean hacking groups have targeted defense contractors in South Korea, according to police reports. The attackers were identified through an analysis of source IP addresses, signal re-routing structures, and malware signatures. Authorities, in collaboration with national intelligence agencies and private sector experts, traced the hacks back to these groups. The hacking teams linked to North Korea’s intelligence apparatus and known […]
April 18, 2024

Cyberattack Takes Frontier Communications Offline

Texas-based Frontier Communications, a provider of local residential and business telecom services in 25 states, experienced a cyberattack. The breach allowed an unauthorized third party to access portions of its information technology environment, resulting in the theft of personally identifiable information (PII). As part of its containment measures, Frontier took certain systems offline, which led to an operational disruption that […]
April 15, 2024

EPA critical infrastructure contacts stolen, attackers claim

JSOutProx malware targets financial customers by delivering fake SWIFT payment notifications to businesses and fake MoneyGram templates to civilians. Currently, the threat group, which researchers believe is linked to China, is targeting financial organizations in the Philippines, Laos, Singapore, Malaysia, India, and Saudi Arabia.
February 29, 2024

CISA: Admin Credentials of a Former Employee Leveraged to Compromise a State Government Organization

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after documents with host and user information, including metadata, were posted on a dark web brokerage site. An analysis confirmed that an unknown threat actor compromised network administrator credentials through the account of a […]
March 23, 2023

The City of Toronto confirms unauthorized access following Clop’s claims

This week has seen the City of Toronto added to Clop’s Tor data leak site following the ongoing GoAnywhere attack spree. The City of Toronto has claimed that they became aware of potential unauthorized access to City data on Monday 20th of March 2023. However, the City of Toronto has confirmed that unauthorized access to City data did occur through […]
April 21, 2022

FBI releases flash alert against the BlackCat ransomware gang

On Tuesday 19th of April 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE flash alert which revealed the BlackCat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide as of March 2022. The FBI also stated the BlackCat ransomware gang has been the first ransomware group to have […]
January 24, 2022

Hacktivist group claims attack on Belarusian Railway in protest of Russia activity in Belarus

On Monday 24th of January 2022, the hacktivist group Belarusian Cyber-Partisans claimed to have encrypted the servers belonging to the Belarusian Railway, Belarus’s national state-owned railway company, in protest of Russia using Belarusian Railway’s rail transport network to move military units and equipment into the country. “We encrypted some of BR’s servers, databases and workstations to disrupt its operations. Automation […]
January 15, 2022

Russian police raids against REvil ransomware gang members result in seizure of $6.6 million

On Friday 14th of January 2022, the Federal Security Service of the Russian Federation (FSB), in cooperation with the Investigation Department of the Ministry of Internal Affairs of Russia, conducted police raids at 25 addresses in the cities of Moscow and St. Petersburg and in the Moscow, Leningrad and Lipetsk regions, which were linked to 14 members of the REvil ransomware gang. The raids resulted […]
December 10, 2021

80,000 Australian government employees impacted by ransomware attack on Frontier Software

On Thursday 9th of December 2021, the South Australian government disclosed that the sensitive personal information belonging to up to 80,000 Australian government employees has been compromised following a ransomware attack that targeted the systems of Frontier Software, which is responsible for the South Australian government’s payroll software. “The ongoing forensic investigation and other response activities conducted by Frontier Software and CyberCX has now […]