February 29, 2024

Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors

Suspected Iran-nexus espionage activity targeting the aerospace, aviation and defense industries in Middle East countries, including Israel and the United Arab Emirates (UAE) and potentially Turkey, India, and Albania. Mandiant attributes this activity with moderate confidence to the Iranian actor UNC1549, which overlaps with Tortoiseshell—a threat actor that has been publicly linked to Iran’s Islamic Revolutionary Guard Corps (IRGC). Tortoiseshell […]
February 29, 2024

Black Basta ransomware attacks ZircoDATA company

ZircoDATA is the leading provider of secure document storage and records management (RIM) solutions from information governance and digital conversion to storage, language services and secure shredding since 1995.ZircoDATA has been attacked by the Black Basta Group, claiming 395 GB of data, including financial documents, personal user folders, and confidentiality agreements. There are at least 46 passport scans and 12 […]
June 8, 2023

MOVEit extortion attacks claimed by Clop ransomware gang

The Clop ransomware gang has confirmed that they are behind the MOVEit Transfer attacks where they have been exploiting a zero-day vulnerability to breach servers belonging to “hundreds of companies” and steal data. It has been revealed that the gang had started exploiting the vulnerability on Saturday 27th of May 2023, during the US Memorial Day holiday. At this time, the […]
June 8, 2023

Japanese pharmaceutical giant Eisai discloses ransomware attack

On Tuesday 6th of June 2023, Eisai, a Tokyo-based pharmaceutical company Eisai disclosed it suffered a ransomware incident over the weekend that impacted its operations following the threat actors encrypting some of its servers. In response to the attack, Eisai has taken many of its IT systems offline to contain the damage and prevent the spread of the locker to […]
June 1, 2023

2.5 million individuals impacted following ransomware against Harvard Pilgrim Health Care

Last week, Harvard Pilgrim Health Care (HPHC), a Massachusetts-based non-profit health services provider released a data breach notice disclosing that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, as well as the threat actors stealing their sensitive data from compromised systems. The notice revealed that the threat actors had maintained access to HPHC’s systems between March 28 […]
May 29, 2023

8.9 million people impacted by MCNA Dental data breach after ransomware attack

On Friday 26th of May 2023, one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S., Managed Care of North America (MCNA) Dental released a data breach notification, disclosing almost 9 million patients had their personal data were compromised. MCNA announced in the notice that it had become aware of unauthorized access […]
May 26, 2023

Attack against City of Augusta claimed by BlackByte ransomware gang

On Friday 2nd of June 2023, the city of Augusta in Georgia, U.S. confirmed that the recent IT system outage was caused by unauthorized access to its network. The city explained that it started experiencing technical difficulties on Sunday, May 21, which disrupted some of its computer systems. “Augusta’s Information Technology Department continues to work diligently to investigate the incident, to confirm […]
May 17, 2023

New MalasLocker ransomware demands charity donation after targeting Zimbra servers

This week, a new ransomware operation, dubbed MalasLocker by BleepingComputer, has been observed which is targeting Zimbra servers to steal emails and encrypt files since the end of March 2023. Although instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking. “Unlike traditional ransomware groups, we’re […]
May 17, 2023

FBI releases joint advisory against the BianLian ransomware gang

On Tuesday 16th of May 2023, the United States Federal Bureau of Investigation (FBI) released a joint TLP:CLEAR cybersecurity advisory warning organisations of the latest tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group. The advisory highlighted that BianLian is a ransomware developer, deployer, and data extortion cybercriminal group that has targeted organisations in multiple U.S. critical infrastructure sectors […]
Prev page
1234567891011121314151617
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.