November 30, 2021

FBI names known affiliate of REvil ransomware gang in court documents that revealed they had seized $2.3 million in Bitcoins

On Tuesday 30th of November 2021, the FBI revealed in filed “complaint for forfeiture” court documents that they had seized $2.3 million in Bitcoins on August 3rd, 2021, from Aleksandr Sikerin, a well-known REvil and GandCrab ransomware affiliate. The FBI didn’t disclose how they had gained access to the Exodus wallet where the 39.89138522 Bitcoins were originally being […]
November 28, 2021

A surge of eCh0raix ransomware attacks seen over the Christmas holidays, targeting QNAP NAS devices

Recently, users of QNAP network-attached storage (NAS) devices have been reporting that their systems are being attacked by the eCh0raix ransomware, also known as QNAPCrypt. The initial infection vector of these attacks is still unclear, but some of the incidents are believed to be due to users not properly securing their devices. As soon as the threat actor is within the […]
November 20, 2021

Personal information leaked after Pacific City Bank hit by AvosLocker Ransomware

This week, Pacific City Bank, one of the largest Korean American community banking service providers in America, disclosed that it experienced a ransomware attack that occurred on the 30th of August 2021. The bank informed its clients of an incident and disclosed that the threat actors had obtained information from its systems, including loan application forms, tax return documents, […]
November 19, 2021

US federal bank regulators approve new rule ordering banks to report cyberattacks within 36 hours

On Thursday 18th of November 2021, US federal bank regulatory agencies approved a new rule that requires banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Currently, banks are only required to report major cyberattacks if they have impacted or will likely impact their operations, the ability to deliver banking products and services, or the US financial […]
November 17, 2021

US releases joint advisory warning companies of Iranian APT group that has been involved in ransomware attacks

On Wednesday 17th of November 2021, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) released a joint cybersecurity advisory in which they warned of ongoing malicious cyber activity that FBI, CISA, ACSC, and NCSC have observed and associated with an advanced persistent threat (APT) group that is […]
November 15, 2021

Cyber security research groups observe signs of Emotet malware returning and rebuilding its botnet via TrickBot

On Monday 15th of November 2021, Emotet research groups Cryptolaemus, GData, and Advanced Intel started to observe the TrickBot malware dropping a loader for Emotet on infected devices. The Emotet malware was considered the most widely spread malware in the past, although at the start of the year it was taken down by an international law enforcement action coordinated by Europol […]
November 2, 2021

FBI warns ransomware gangs are targeting companies during time-sensitive financial events

On Monday 1st of November 2021, the United States Federal Bureau of Investigation (FBI) released a TLP:WHITE private industry notification in which they warned that threat actors from ransomware gangs are starting to target companies that are involved in significant, time-sensitive financial events like corporate mergers and acquisitions in the hope that these events will encourage these target companies to pay […]
November 1, 2021

Canadian province of Newfoundland and Labrador healthcare providers hit by possible ransomware attack

On Saturday 30th of October 2021, healthcare providers and hospitals from the Canadian province of Newfoundland and Labrador experienced a possible ransomware attack. The attack led to the regional health systems having to shut down their networks and thousands of medical appointments were cancelled because of the outage. It has been confirmed that the outage is a result of a […]
October 21, 2021

Carbanak hacking group enters ransomware space by creating a fake cybersecurity company

On Thursday 21st of October 2021, researchers at Gemini Advisory released a blog post detailing evidence that the FIN7 (aka ‘Carbanak’) hacking group has set up a fake cybersecurity company known as Bastion Security, which was being used to hire pentesters and system administrators to conduct pre-encryption stages of ransomware attacks. Researchers discovered that the Bastion Security website was made up of stolen and […]