September 14, 2021

Olympus experiences disruptions due to potential BlackMatter ransomware attack

On the 11th of September 2021, Olympus released a statement saying that they are currently investigating some suspicious activity. Olympus also stated that they had “immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue.” The statement also highlighted the fact that the attack affected areas of their EMEA […]
September 7, 2021

Ragnar Locker ransomware group threatens to publish stolen data if victims contact authorities

This week, the Ragnar Locker ransomware group announced on their data leak site that they will leak data stolen from victims who contact any law enforcement authorities. The warning also stated that hiring any recovery companies for negotiations will be seen as a hostile move against them and therefore they will publish the […]
September 7, 2021

The return of REvil? REvil servers are suddenly back online

The operation servers of the REvil ransomware gang, aka Sodinokibi, have just been turned on for the first time since July, after their large-scale attack against Kaseya, in which they used a zero-day vulnerability in the Kaseya VSA remote management software to encrypt around 60 managed service providers (MSPs) and over 1,500 of their business customers. Their disappearance was noticed when […]
August 18, 2021

Tokio Marine Holdings announces ransomware attack against their Singapore branch

This week, Tokio Marine Holdings, one of the largest property and casualty insurance groups in Japan, announced that their Singapore branch, Tokio Marine Insurance Singapore (TMiS), had experienced a ransomware attack. Very little information about the incident has been released apart from their actions in response to the incident. Tokio Marine Holdings have stated that the ransomware attack only affected […]
August 5, 2021

Conti ransomware gang’s playbook leaked by unhappy affiliate

On the 5th of August 2021, the playbook and training material of the Conti ransomware gang were leaked on a popular Russian-speaking hacking forum site by an upset Conti affiliate. As the Conti ransomware gang run their operations as ransomware-as-a-service (RaaS), they recruit affiliates whom they train to perform the ransomware attack. This model of operations means that the core team […]
July 12, 2021

Coop supermarket – 500 stores closed due to ransomware attack

On the 2nd of July 2021, approximately 500 Coop supermarkets in Sweden had to shut down because their point-of-sale tills and self-service checkouts had stopped working. This was a result of the Kaseya supply chain attack by the REvil ransomware group, as Coop’s cash registers are run by Visma Esscom, which manages servers for several Swedish businesses and in […]
June 11, 2021

Foodservice supplier Edward Don disrupted by suspected ransomware attack

Earlier this week, ransomware was believed to have affected Edward Don and Company’s networks, phone systems, and email services. Edward Don and Company is one of the largest distributors of foodservice equipment and supplies, such as kitchen supplies, bar supplies, flatware, and dinnerware. Even though Edward Don has not publicly disclosed the attack at this time, there is evidence of […]
April 28, 2021

DC Police confirms cyberattack after ransomware gang leaks confidential data

In April 2021, the Metropolitan Police Department confirmed that they had experienced a cyberattack after the Babuk ransomware gang leaked screenshots of data they had stolen from the department. The DC Police stated that they are aware of a breached server and that the FBI is investigating the matter. “We are aware of unauthorized access on our server. While we determine […]