April 16, 2023

Mac ransomware encryptors linked to LockBit founded

This week, it was discovered that the LockBit ransomware gang has created encryptors targeting Macs and it was confirmed by the public-facing representative of LockBit, known as LockBitSupp, that the Mac encryptor is “actively being developed”. The new ransomware encryptor was discovered by cybersecurity researchers MalwareHunterTeam and Florian Roth. An analysis of the Apple M1 encryptor revealed that parts of the encryptor were […]
April 15, 2023

BlackCat ransomware claims responsibility for the outage of NCR’s Aloha POS

On Saturday 15th of April 2023, the American software and technology consulting company NCR disclosed that they had suffered an outage since Wednesday at their data centers after being hit by a ransomware attack. The outage resulted in its Aloha point of sale platform being unavailable for its customers to utilize the system. NCR stated that they launched an investigation […]
April 10, 2023

Brand owner of KFC, Taco Bell and Pizza Hut disclose data breach following ransomware attack

On Thursday 6th of April 2023, Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and Habit Burger, started sending data breach notification letters to individuals whose personal information was stolen during a ransomware attack that happened on Friday 13th of January 2023. The notification letter revealed that during an ongoing investigation, Yum! Brands have found […]
April 7, 2023

MSI confirms network breach following ransomware attack claims by the Money Message ransomware group

On Friday 7th of April 2023, Micro-Star International (MSI) a Taiwanese PC vendor confirmed that its network was breached in a cyberattack. This confirmation came following claims by the Money Message ransomware gang who has claimed to have breached some of MSI’s systems and had stolen files that they are threatening to leak next week if the company refuses to pay […]
March 17, 2023

Hitachi Energy confirms data breach after CL0P’s wave of GoAnywhere attacks

On Friday 17th of March 2023, Hitachi Energy, a department of Japanese engineering and technology giant Hitachi confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day vulnerability (CVE-2023-0669) in the Fortra GoAnywhere MFT (Managed File Transfer), that was first disclosed on February 2023. “We recently learned that a third-party software provider called FORTRA […]
March 13, 2023

HACLA housing authority discloses data breach after LockBit ransomware attack

Recently, the Housing Authority of the City of Los Angeles (HACLA) released a data breach notice following the LockBit ransomware gang listing HACLA on their Tor leak site. The data breach revealed that on Saturday 31st of December 2022, HACLA discovered that computer systems on its network had been encrypted which resulted in them being forced to shut down all […]
March 8, 2023

Medusa ransomware gang releases video of data stolen from Minneapolis Public Schools district

On Tuesday 7th of March 2023, the Medusa ransomware gang listed the Minneapolis Public Schools district as a victim on its Tor data leak site, threatening to publish all data it allegedly stole from the public school district by Friday the 17th of March 2023. The ransomware gang has demanded a payment of $1 million for the deletion of all data […]
March 7, 2023

Hospital Clínic de Barcelona heavily impacted by a ransomware attack

On Sunday 5th of March 2023, the Hospital Clínic de Barcelona suffered a ransomware attack that resulted in severe disruptions to its healthcare services after the organisation’s virtual machines were targeted by the attack. Following a statement issued by the Government of Catalonia, the Hospital Clínic de Barcelona suffered an attack by the RansomHouse ransomware operation. The statement also revealed […]
March 2, 2023

FBI releases joint advisory alert against the Royal ransomware gang

On Thursday 2nd of March 2023, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE cybersecurity advisory which revealed threat actors have been using the Royal ransomware since September 2022 where they have targeted numerous critical infrastructure sectors including, but not limited to, Manufacturing, Communications, Healthcare and Public Healthcare (HPH), and Education. It is believed that the […]