May 12, 2023

FBI releases joint advisory warning of Bl00dy ransomware targets education organisation in PaperCut attacks

On Thursday 11th of May 2023, the United States Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint TLP:CLEAR cybersecurity advisory warning organisation that the Bl00dy Ransomware gang is now actively exploiting a PaperCut remote-code execution vulnerability (CVE-2023-27350) to gain initial access to networks. The advisory revealed that the Bl00dy Ransomware Gang attempted […]
May 7, 2023

Kroll reveals new Cactus ransomware that encrypts itself to evade antivirus

On Wednesday 10th of May 2023, Kroll revealed a new ransomware strain named ‘Cactus’ which has been exploiting vulnerabilities in VPN appliances for initial access to networks of large commercial entities since March 2023. The publication covering the strain revealed that the unique feature of the strain is its self-encryption capability. to make it difficult for antivirus software to detect […]
May 5, 2023

Ransomware attack against Constellation Software claimed by ALPHV ransomware gang

On the 4th of May 2023, Constellation Software confirmed that some of its systems were breached by threat actors who also stole personal information and business data. However, they added that the incident did not impact the independent IT systems of Constellation Software’s operating groups and businesses. Constellation Software has stated that it had contained the incident and has now […]
May 4, 2023

Avos ransomware gang hijacks university alert system to issue threats

On Sunday 30th of April 2023, Bluefield University disclosed that the university had suffered a cyberattack that impacted the IT systems, causing all examinations to be postponed. However, at that time it had claimed that its investigation had found no evidence of any cases of financial fraud or identity theft linked to the incident. Although on Monday 1st of May […]
May 3, 2023

Cl0p ransomware attack impacts 783k Brightline patients

This week, Brightline, a pediatric mental health provider released a data notice warning patients that it suffered a data breach impacting 783,606 people following a cyberattack by the Cl0p ransomware gang. It is believed that the ransomware gang used a zero-day vulnerability (CVE-2023-0669) in its Fortra GoAnywhere MFT secure file-sharing platform to steal the data from 130 organisations including Brightline. […]
April 24, 2023

Black Basta claims responsibility for a cyberattack against Yellow Pages Group

Last week, the Black Basta ransomware gang claimed responsibility for a cyberattack against the Yellow Pages Group, a Canadian directory publisher and posted a sample of sensitive documents and data. The posted sample included the following documents: ID documents (such as scans of passports and driver’s licenses) exposing people’s date of birth and address. Tax documents—exposing Social Insurance Number (SIN) Sales and […]
April 16, 2023

Mac ransomware encryptors linked to LockBit founded

This week, it was discovered that the LockBit ransomware gang has created encryptors targeting Macs and it was confirmed by the public-facing representative of LockBit, known as LockBitSupp, that the Mac encryptor is “actively being developed”. The new ransomware encryptor was discovered by cybersecurity researchers MalwareHunterTeam and Florian Roth. An analysis of the Apple M1 encryptor revealed that parts of the encryptor were […]
April 15, 2023

BlackCat ransomware claims responsibility for the outage of NCR’s Aloha POS

On Saturday 15th of April 2023, the American software and technology consulting company NCR disclosed that they had suffered an outage since Wednesday at their data centers after being hit by a ransomware attack. The outage resulted in its Aloha point of sale platform being unavailable for its customers to utilize the system. NCR stated that they launched an investigation […]
April 10, 2023

Brand owner of KFC, Taco Bell and Pizza Hut disclose data breach following ransomware attack

On Thursday 6th of April 2023, Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and Habit Burger, started sending data breach notification letters to individuals whose personal information was stolen during a ransomware attack that happened on Friday 13th of January 2023. The notification letter revealed that during an ongoing investigation, Yum! Brands have found […]