March 11, 2022

Bridgestone Americas confirms ransomware attack by LockBit ransomware gang

On Friday 11th of March 2022, the LockBit ransomware gang announced they had attacked Bridgestone which is the one of the largest manufacturers of tires in the world. Bridgestone had stated back on Sunday 27th of February that they were investigating a potential cyber-attack incident which has been detected in the morning of the 27th of February. But no details […]
March 10, 2022

REvil ransomware affiliate extradited to U.S. to stand trial for Kaseya attack

It has been announced that Yaroslav Vasinskyi, an alleged REvil ransomware affiliate has been extradited to the United States last week to stand trial for the Kaseya cyberattack. He was originally arrested on October 8th of 2021 when he was attempting to enter Poland from his native country of Ukraine. Shortly after his arrest, the U.S. Department of Justice announced […]
March 9, 2022

Updated Conti ransomware alert by CISA announce Conti’s involvement in over 1000 attacks

On Wednesday 9th of March 2022, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. The initial advisory was released on Wednesday 22nd of September 2021 and stated that they had observed Conti ransomware being used in more than 400 attacks on U.S. […]
March 7, 2022

FBI releases flash alert against RagnarLocker ransomware

On Monday 7th of March 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE flash alert revealed that RagnarLocker ransomware gang has breached the networks of at least 52 organizations across 10 critical infrastructure sectors. These affected sectors include “entities in the critical manufacturing, energy, financial services, government, and information technology sectors”. This flash alert was […]
March 3, 2022

Avast releases free HermeticRansom ransomware decryptor based on weakness in crypto schema

On Thursday 3rd of March 2022, Avast, a Czech cybersecurity software firm announced that they had released a free decryption tool for HermeticRansom ransomware which has been observed being used in targeted attacks against Ukrainian systems. Avast first observed the ransomware strain on the 24th of February 2022 as it was found accompanying the data wiper HermeticWiper. Based on analysis […]
March 1, 2022

Toyota shuts down all plants in Japan after cyber-attack on major

On Monday 28th of February 2022, Toyota, the world’s bestselling carmaker had to halt their operations at all their plants in Japan due to one of their suppliers, Kojima Industries Corporation experiencing a system failure which is believed to be due to a cyber-attack. It is believed that the closure will result in a set back of about 13,000 cars. […]
February 27, 2022

U.S. Marshals Service reveal data theft following a ransomware attack

On Monday 27th of February 2023, the U.S. Marshals Service (USMS), a bureau within the U.S. Justice Department, revealed that they experienced a ransomware attack and had discovered data exfiltration of a stand-alone system on Friday, 17th of February 2023. The USMS has stated they are investigating the theft of sensitive law enforcement information following the ransomware attack and that […]
February 25, 2022

TrickBot developers move to stealthier malware after TrickBot malware operation shuts down

On Thursday 24th of February 2022, the TrickBot malware operation is believed to have shut down after it was reported that their core developers have move to the Conti ransomware gang to focus development on the other malware families which Conti has in their operations. TrickBot has been a key Windows malware which has been part of the threat landscape […]
February 25, 2022

Cyber threat groups pick sides over Russia’s invasion of Ukraine

The week of the 21st of February 2022 has seen threat actor groups announce their support in relation to Russia’s invasion of Ukraine. The one of the first announcements were from an administrator of Raidforums which is one of the largest clearnet hacking forums who announced that the forum was blocking all Russia IPs and therefore block any users connecting […]