April 18, 2022

Kaspersky adds support to its free RannohDecryptor utility for decrypting files encrypted by the Yanluowang ransomware strain

On Monday 18th of April 2022, Kaspersky, a Russian cybersecurity firm, announced that it had found a vulnerability in the Yanluowang ransomware’s encryption algorithm which makes it possible to recover the files it encrypts. Kaspersky has stated that it has added support for decrypting files locked by the Yanluowang ransomware strain to its free RannohDecryptor utility. The Yanluowang ransomware strain has been observed to encrypt […]
March 14, 2022

Recent Google threat report exposes access broker linked to Conti and Diavol ransomware operations

This week, Google’s Threat Analysis Group exposed the operations of the EXOTIC LILY threat group, which is believed to be an initial access broker linked to the Conti and Diavol ransomware operations. The group was first spotted exploiting a zero-day vulnerability in Microsoft MSHTML and then, based on further investigations, it was determined that they were using large-scale […]
March 11, 2022

Bridgestone Americas confirms ransomware attack by LockBit ransomware gang

On Friday 11th of March 2022, the LockBit ransomware gang announced they had attacked Bridgestone, which is one of the largest manufacturers of tires in the world. Bridgestone had stated back on Sunday 27th of February that they were investigating a potential cyber-attack incident which had been detected on the morning of the 27th of February. But no details […]
March 1, 2022

Toyota shuts down all plants in Japan after cyber-attack on major

On Monday 28th of February 2022, Toyota, the world’s bestselling carmaker, had to halt operations at all of its plants in Japan after one of its suppliers, Kojima Industries Corporation, experienced a system failure which is believed to be due to a cyber-attack. It is believed that the closure will result in a setback of about 13,000 cars. […]
December 17, 2021

Hellmann Worldwide warns clients of possible phishing campaigns after ransomware attack

On Thursday 9th of December 2021, Hellmann Worldwide, an international logistics company that handles 16 million shipments per year, disclosed that it had experienced a ransomware attack which forced it to shut down its systems to contain the spread of the ransomware. Hellmann Worldwide has confirmed that during the forensic investigation it conducted, it discovered evidence […]
October 17, 2021

REvil ransomware group’s Tor sites shut down after being hijacked

On the 17th of October 2021, the Tor sites of the REvil ransomware gang went offline after an unknown person hijacked the Tor onion domains using the same private keys as REvil’s Tor sites; that person may also have backups of the sites. One of the threat actors, “0_neday”, who is affiliated with the REvil operation, has confirmed that someone has hijacked the ransomware gang’s […]
July 12, 2021

Coop supermarket – 500 stores closed due to ransomware attack

On the 2nd of July 2021, approximately 500 Coop supermarkets in Sweden had to shut down because their point-of-sale tills and self-service checkouts had stopped working. This was a result of the Kaseya supply chain attack by the REvil ransomware group, as Coop’s cash registers are run by Visma Esscom, which manages servers for several Swedish businesses and in […]
July 4, 2021

MSP supply chains attacked through the Kaseya VSA in US

On the 3rd of July 2021, the IT solutions developer Kaseya announced that it had become the victim of a REvil ransomware attack on July 2. The goal of the attack was to target multiple Managed Service Providers (MSPs) and their customers through a supply chain attack that leveraged a vulnerability in Kaseya’s VSA software. Due to this attack, more […]
May 28, 2021

Lorenz ransomware group involved – Canada Post Ransomware

On May 19, 2021, Canada Post, the primary postal operator in Canada, had to inform several of its large commercial customers that a ransomware attack on one of its third-party service providers, Commport Communications, had exposed the shipping information of those commercial companies’ customers. In total, the attack affected 44 of Canada Post’s commercial customers and over 950,000 receiving customers. In […]