April 24, 2023

Black Basta claims responsibility for a cyberattack against Yellow Pages Group

Last week, the Black Basta ransomware gang claimed responsibility for a cyberattack against the Yellow Pages Group, a Canadian directory publisher and posted a sample of sensitive documents and data. The posted sample included the following documents: ID documents (such as scans of passports and driver’s licenses) exposing people’s date of birth and address. Tax documents—exposing Social Insurance Number (SIN) Sales and […]
April 16, 2023

Mac ransomware encryptors linked to LockBit founded

This week, it was discovered that the LockBit ransomware gang has created encryptors targeting Macs and it was confirmed by the public-facing representative of LockBit, known as LockBitSupp, that the Mac encryptor is “actively being developed”. The new ransomware encryptor was discovered by cybersecurity researchers MalwareHunterTeam and Florian Roth. An analysis of the Apple M1 encryptor revealed that parts of the encryptor were […]
April 15, 2023

BlackCat ransomware claims responsibility for the outage of NCR’s Aloha POS

On Saturday 15th of April 2023, the American software and technology consulting company NCR disclosed that they had suffered an outage since Wednesday at their data centers after being hit by a ransomware attack. The outage resulted in its Aloha point of sale platform being unavailable for its customers to utilize the system. NCR stated that they launched an investigation […]
April 10, 2023

Brand owner of KFC, Taco Bell and Pizza Hut disclose data breach following ransomware attack

On Thursday 6th of April 2023, Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and Habit Burger, started sending data breach notification letters to individuals whose personal information was stolen during a ransomware attack that happened on Friday 13th of January 2023. The notification letter revealed that during an ongoing investigation, Yum! Brands have found […]
March 21, 2023

Saks Fifth Avenue confirms cyber security incident concerning Clop ransomware gang’s claims

On Monday 20th of March 2023, the Clop ransomware gang claimed to have attacked Saks Fifth Avenue on its dark web leak site. It is believed that the incident is a part of the gang’s ongoing attacks against vulnerable GoAnywhere MFT servers using the CVE-2023-0669 vulnerability. Since the post was released, sources have contacted Saks and a spokesperson confirmed the […]
March 13, 2023

HACLA housing authority discloses data breach after LockBit ransomware attack

Recently, the Housing Authority of the City of Los Angeles (HACLA) released a data breach notice following the LockBit ransomware gang listing HACLA on their Tor leak site. The data breach revealed that on Saturday 31st of December 2022, HACLA discovered that computer systems on its network had been encrypted which resulted in them being forced to shut down all […]
March 8, 2023

Medusa ransomware gang releases video of data stolen from Minneapolis Public Schools district

On Tuesday 7th of March 2023, the Medusa ransomware gang listed the Minneapolis Public Schools district as a victim on its Tor data leak site, threatening to publish all data it allegedly stole from the public school district by Friday the 17th of March 2023. The ransomware gang has demanded a payment of $1 million for the deletion of all data […]
March 7, 2023

Hospital Clínic de Barcelona heavily impacted by a ransomware attack

On Sunday 5th of March 2023, the Hospital Clínic de Barcelona suffered a ransomware attack that resulted in severe disruptions to its healthcare services after the organisation’s virtual machines were targeted by the attack. Following a statement issued by the Government of Catalonia, the Hospital Clínic de Barcelona suffered an attack by the RansomHouse ransomware operation. The statement also revealed […]
March 2, 2023

FBI releases joint advisory alert against the Royal ransomware gang

On Thursday 2nd of March 2023, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE cybersecurity advisory which revealed threat actors have been using the Royal ransomware since September 2022 where they have targeted numerous critical infrastructure sectors including, but not limited to, Manufacturing, Communications, Healthcare and Public Healthcare (HPH), and Education. It is believed that the […]