October 25, 2022

Hive ransomware group starts to leak data from a ransomware attack on Tata Power

On Tuesday 25th of October 2022, the Hive ransomware group claimed responsibility for a cyber attack that was disclosed on Friday 14th of October 2022 by a subsidiary of the multinational conglomerate Tata Group, Tata Power. They stated that they encrypted Tata Power’s data on Monday 3rd of October 2022. It is believed that the ransom negotiations failed as Hive […]
September 15, 2022

Cyberattack against Bell Canada subsidiary claimed by Hive ransomware gang

The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS). Within the data leak entry, Hive claims that they encrypted BTS’ systems almost a month ago, on Saturday 20th of August 2022. Even though BTS hasn’t disclosed when its network was breached or how the attack occurred, Bell Canada […]
September 6, 2022

Second largest U.S. school district LAUSD experiences disrupt from ransomware

On Tuesday 6th of September 2022, Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend. The incident has been reported to law enforcement and federal agencies and LAUSD is now working with those agencies as part of an ongoing investigation and incident response. […]
September 2, 2022

Hive ransomware group demands $2 million from Damart clothing store after ransomware attack

On Monday 15th of August 2022, Damart, a French clothing company published a message about unscheduled maintenance on the homepage of its online store. It was later revealed the unscheduled maintenance was due to Damart having to take proactive actions to contain a ransomware attack by the Hive ransomware group. The attack resulted in some of the company’s systems being […]
September 1, 2022

Government of Montenegro confirms ransomware attack, Cuba ransomware group claim responsible

On Wednesday 31st of August 2022, the government of Montenegro confirmed that ransomware was responsible for the damage and disruptions that have impacted its critical infrastructure. Public Administration Minister Maras Dukaj stated on local television that an organised cybercrime group was behind the attack. The minister was quoted saying that a “special virus” is used in the attack and there […]
August 31, 2022

Ragnar Locker ransomware claims attack on TAP Air Portugal

On the night of Thursday 25th of August, TAP Air Portugal, the flag carrier of Portugal, disclosed that their systems were hit by a cyber attack which resulted in their website and app being unavailable. The company stated that the attack had been blocked and added that it found no evidence indicating the attackers gained access to customer information stored […]
August 22, 2022

Greece’s largest natural gas distributor suffers a data breach and disruptions following an attack by the Ragnar Locker ransomware gang

On Saturday 20th of August 2022, Greece’s largest natural gas distributor, DESFA released a statement confirming that they suffered a data breach and IT system outage following a cyberattack. Although due to the quick response of its IT team, the intrusion was limited. However, some files and data were accessed and could be possibly exfiltrated so there is the risk […]
August 22, 2022

LockBit’s data leak sites shut down from DDoS attack, LockBit blames Entrust for attacks

Over the weekend of the 20th of August 2022, the LockBit ransomware operation’s data leak sites have been shut down due to a DDoS attack in response to LockBit claiming responsibility for the cyberattack against Entrust that occurred in July. LockBit started to leak data that was allegedly stolen from Entrust, including legal documents, marketing spreadsheets, and accounting data. Shortly […]
August 17, 2022

BlackByte ransomware gang returns with new extortion tactics

The BlackByte ransomware operation has returned with version 2.0 of their operation which introduces a new data leak site utilizing new extortion techniques borrowed from LockBit. Since their return, the BlackByte ransomware operation has been promoting a new data leak site on hacker forums and through Twitter accounts the threat actor seems to be controlling. At the time of writing, […]
Prev page
1234567891011121314151617
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.