September 14, 2021

Olympus experiences disrupts due to potential BlackMatter Ransomware attack

On the 11th of September 2021, Olympus released a statement detailing they are currently investigating some suspicious activity. Olympus also stated that they had “immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue.” The statement also highlighted the fact that the attack affected areas of their EMEA […]
September 7, 2021

Ragnar Locker ransomware group threatens to publish stolen data if victims contact authorities

This week, an announcement has been made by The Ragnar Locker ransomware group on their data leak site, warning that they will leak stolen data from their victims that contact any law enforcement authorities. This warning also stated that hiring any recovery companies for negotiations will be seen as a hostile move against them and therefore they will publish the […]
September 7, 2021

The return of REvil? REvil servers are suddenly back online

The operation servers of the REvil ransomware gang, aka Sodinokibi, have just been turned on for the first time since July after their large-scale attack against Kaseya when they used a zero-day vulnerability in the Kaseya VSA remote management software to encrypt around 60 managed service providers (MSPs) and over 1,500 of their business customers. Their disappearance was noticed when […]
August 24, 2021

Accenture attacked by LockBit Ransomware

Accenture attacked by LockBit Ransomware The LockBit Ransomware gang have now targeted Accenture which is one of the major consultancy firms with over $40 billion revenue and more than 550,000 employees worldwide. The gang has threatened the firm by leaking the stolen data online (ransomware double extortion) if the company is not willing to pay the required ransom. $50 million […]
August 23, 2021

Italy’s Lazio region’s vaccination registration system down after IT systems were disabled by ransomware attack

On Sunday 1st of August 2021, one of Italy’s largest regions, Lazio region experienced a ransomware attack that caused the region’s IT systems to be disabled. It meant Lazio residents were not able to book new vaccination appointments through the region’s COVID-19 vaccination registration portal as it was also taken down by the attack. Nicola Zingaretti, the region’s president confirmed […]
August 18, 2021

Tokio Marine Holdings announce ransomware attack against their Singapore branch

This week, Tokio Marine Holdings, one of the largest property and casualty insurance group in Japan, announced that their Singapore branch, Tokio Marine Insurance Singapore (TMiS) had experienced a ransomware attack. Very little information about the incident has been released apart from their actions in response to the incident. Tokio Marine Holdings have state that the ransomware attack only affected […]
August 5, 2021

Conti Ransomware gang’s playbook leaked by unhappy affiliate

On 5th of August 2021, the playbook and training material of Conti ransomware gang were leaked on a popular Russian-speaking hacking forum site by an upset Conti affiliate. As the Conti Ransomware gang run their operations as a ransomware-as-a-service (RaaS), they recruit affiliates who they train to perform the ransomware attack. This model of operations means that the core team […]
July 14, 2021

REvil ransomware gang websites disappear – Is it the end?

The payment and blog websites of the famous Russian Ransomware gang “REvil” have suddenly become unreachable and have disappeared from the internet after the gang recently targeted Kaseya and demanded for a huge ransom of $70 million. REvil has been behind many big Ransomware attacks demanding for huge ransoms. One such example is the JBS (the world’s largest processor of […]
July 12, 2021

Coop supermarket – 500 stores closed due to Ransomware attack

On the 2nd of July 2021, approximately 500 Coop Supermarket in Sweden had to shut down due to their point-of-sale tills and self-service checkouts had stopped working. This is a result of the Kaseya supply chain attack by the REvil ransomware group as Coop’s cash registers are run by Visma Esscom, which manages servers for several Swedish businesses and in […]