May 17, 2023

FBI releases joint advisory against the BianLian ransomware gang

On Tuesday 16th of May 2023, the United States Federal Bureau of Investigation (FBI) released a joint TLP:CLEAR cybersecurity advisory warning organisations of the latest tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group. The advisory highlighted that BianLian is a ransomware developer, deployer, and data extortion cybercriminal group that has targeted organisations in multiple U.S. critical infrastructure sectors […]
May 17, 2023

ScanSource warns of delays following ransomware attack

On Tuesday 16th of May 2023, US-based technology provider ScanSource disclosed that it had suffered a ransomware attack that has impacted some of its systems, business operations, and customer portals. The impact has been significant, as it is expected to cause delays in the provision of services to customers in North America and Brazil. ScanSource has stated in a press […]
May 15, 2023

Cisco Talos reveals RA Group ransomware targeting US and South Korean organisations

On Monday 15th of May 2023, Cisco Talos revealed a new ransomware group named ‘RA Group’ that is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea. The blog post covering the group revealed that their operation started in April 2023, when they launched a data leak site on the dark web on Sunday […]
May 15, 2023

Data of 5.8 million PharMerica patients stolen by ransomware gang

On Friday 12th of May 2023, US-based pharmacy services provider PharMerica disclosed that it had suffered a data breach involving the personal information of over 5.8 million patients. According to a data breach notification, the threat actors breached PharMerica’s system on Sunday 12th of March 2023 and stole the full names, addresses, dates of birth, social security numbers (SSNs), medications, […]
May 12, 2023

FBI releases joint advisory warning of Bl00dy ransomware targeting education organisations in PaperCut attacks

On Thursday 11th of May 2023, the United States Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint TLP:CLEAR cybersecurity advisory warning organisations that the Bl00dy ransomware gang is now actively exploiting a PaperCut remote-code execution vulnerability (CVE-2023-27350) to gain initial access to networks. The advisory revealed that the Bl00dy ransomware gang attempted […]
May 3, 2023

Cl0p ransomware attack impacts 783k Brightline patients

This week, Brightline, a pediatric mental health provider, released a data notice warning patients that it suffered a data breach impacting 783,606 people following a cyberattack by the Cl0p ransomware gang. It is believed that the ransomware gang used a zero-day vulnerability (CVE-2023-0669) in the Fortra GoAnywhere MFT secure file-sharing platform to steal the data from 130 organisations including Brightline. […]
April 24, 2023

Black Basta claims responsibility for a cyberattack against Yellow Pages Group

Last week, the Black Basta ransomware gang claimed responsibility for a cyberattack against the Yellow Pages Group, a Canadian directory publisher, and posted a sample of sensitive documents and data. The posted sample included the following documents: ID documents (such as scans of passports and driver’s licenses) exposing people’s date of birth and address. Tax documents exposing Social Insurance Number (SIN). Sales and […]
April 16, 2023

Mac ransomware encryptors linked to LockBit found

This week, it was discovered that the LockBit ransomware gang has created encryptors targeting Macs and it was confirmed by the public-facing representative of LockBit, known as LockBitSupp, that the Mac encryptor is “actively being developed”. The new ransomware encryptor was discovered by cybersecurity researchers MalwareHunterTeam and Florian Roth. An analysis of the Apple M1 encryptor revealed that parts of the encryptor were […]
April 15, 2023

BlackCat ransomware claims responsibility for the outage of NCR’s Aloha POS

On Saturday 15th of April 2023, the American software and technology consulting company NCR disclosed that it had suffered an outage at its data centers since Wednesday after being hit by a ransomware attack. The outage left its Aloha point of sale platform unavailable to customers. NCR stated that they launched an investigation […]