June 30, 2022

Macmillan Publishers’s systems were forced offline by a possible ransomware attack

On Monday 25th of June, the book publisher, Macmillan disclosed they had experienced a cyber-attack which has been believed to be a ransomware attack by experts as the publisher had initially stated that a portion of the company’s files had been encrypted and that they had taken protection measures by taking their systems offline to prevent further compromise. Employees of […]
June 29, 2022

Walmart denies claims of successful attack conducted by Yanluowang ransomware group

On Monday 27th of June 2020, the new Yanluowang ransomware operation claimed in a published entry to their data leak site that they had breached, the American retailer, Walmart and encrypted between 40,000 and 50,000 devices. Additionally, various files were uploaded with the entry which allegedly contains information extracted from Walmart’s Windows domain during the attack. “We encrypted about 40-50k Walmart […]
June 29, 2022

Ex-Canadian government employee linked to NetWalker Ransomware crew pleads guilty to U.S. ransomware charges

On Tuesday 28th of June 2022, 34-year-old Sebastien Vachon-Desjardins pleaded guilty in a US court to conspiring to commit computer and wire fraud, intentionally damaged a protected computer, and transmitted a demand in relation to damaging a protected computer. The former Canadian government employee has been described as “one of the most prolific NetWalker Ransomware affiliates” responsible for extorting said millions […]
June 29, 2022

Ransomware is believed to be the culprit for the cyber attack against Wiltshire Farm Foods

On Sunday 26th of June 2022, Wiltshire Farm Foods, a leading UK producer of frozen ready meals disclosed that its systems had been taken down after experiencing a serious cyber-attack. The incident has resulted in the company being unable to make deliveries to their customers and is unable to contact customers personally due to them not having access to their […]
June 28, 2022

Black Basta ransomware gang are on track to become a highly dangerous group after hitting 50 organisations in just two months

Two recent reports by cyber security researchers have revealed that the new ransomware group known as Black Basta have claimed to have successfully attacked 50 victims in just two months while also revealing that the new group has links to veteran gangs like REvil and Conti. “The Black Basta gang has added nearly 50 victims to their list as of […]
June 28, 2022

Chip manufacturing giant AMD investigating claims of stolen data

On Monday 27th of June 2022, the RansomHouse extortion group added AMD to their list of victims on their darknet site where they claimed to have stolen more than 450 GB in the January attack. There were some rumours earlier this year that AMD was hit by ransomware, but they were never confirmed officially confirmed. Based on an examined sample […]
June 7, 2022

Mandiant confirms no evidence of an attack from the LockBit ransomware group

On Monday 6th of June, the LockBit ransomware gang published a new page on their data leak website that named Mandiant, a major American cybersecurity firm as the victim where they claimed to have stolen 356,841 files from Mandiant. On further investigation of the new page, there is a 0-byte file named ‘mandiantyellowpress.com.7z’ displayed on the page which appears to […]
June 6, 2022

The municipality of Palermo suffers major disruptions due to a ransomware attack

On Friday 3rd of June, the municipality of Palermo in Southern Italy suffered a cyberattack which resulted in a wide range of operations and services used by both citizens and visiting tourists being impacted. The systems have remained offline for the past three days even though local IT experts have been trying to restore the systems. According to multiple local […]
June 2, 2022

Evil Corp attempts to evade sanctions by switching to LockBit ransomware

On Thursday 2nd of June 2020, Mandiant revealed that the Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets’ networks to evade sanctions imposed by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC). The cybercrime group has been active since 2007 and was originally known for using the Dridex malware but in more recent […]