September 10, 2022

A growing number of ransomware gangs adopting new intermittent encryption tactic

In recent months, a growing number of ransomware groups have been observing using a new tactic, intermittent encryption that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. This involves encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor and key. This tactic […]
September 1, 2022

Government of Montenegro confirms ransomware attack, Cuba ransomware group claim responsible

On Wednesday 31st of August 2022, the government of Montenegro confirmed that ransomware was responsible for the damage and disruptions that have impacted its critical infrastructure. Public Administration Minister Maras Dukaj stated on local television that an organised cybercrime group was behind the attack. The minister was quoted saying that a “special virus” is used in the attack and there […]
August 11, 2022

UK NHS services still recovering after ransomware attack against British MSP

On Thursday 4th of August 2022, Advanced, a British managed service provider (MSP) suffered a ransomware attack that occurred in the early morning. The incident resulted in seven of the solutions that Advanced offer being impacted. One of Advanced’s main customers was United Kingdom’s National Health Service (NHS) where emergency services (111) were disrupted due to the incident. When the […]
August 10, 2022

7-Eleven Denmark confirms store closures as a result of a ransomware attack

On Monday 8th of August 2022, 7-Eleven Denmark experienced a ransomware attack that resulted in the closure of 175 stores across Denmark as they were not able to accept payment or use their cash register. The incident was confirmed via a statement on Facebook. “This is a so-called ransomware attack, where the criminals have forced access to the network and […]
August 1, 2022

BlackCat ransomware claims responsibility for an attack against a European gas pipeline

On Monday 25th of July 2022, the Encevo Group announced that two entities of the group had been victims of a cyber attack that occurred between Friday 22nd and Saturday 23rd of July 2022. The incident involved the customer portals becoming unavailable although, there were no interruptions to the supply of electricity and gas. A further update posted on Thursday […]
July 29, 2022

Microsoft draws connections between Raspberry Robin malware and Evil Corp attacks

On Thursday 28th of July 2022, Microsoft researchers revealed that an access broker (DEV-0206) they have been tracking has been observed using the Raspberry Robin Windows worm to deploy a malware downloader on networks as well as showing signs of Evil Corp pre-ransomware deploy tactics. According to Microsoft’s threat intelligence advisory, they have found Raspberry Robin malware on the networks of hundreds […]
July 27, 2022

LockBit make wrong claim about an attack on the Italian Revenue Agency

After LockBit’s claim of attacking the Italian Revenue Agency on the 25th, an investigation done by the Red Hot Cyber (RHC) open-news project has revealed that the stolen data is from another Italian organisation, GESIS Srl. The investigation discovered that the threat actor who stole the data was an affiliate and when asked if they were sure that the data […]
July 26, 2022

WordFly experiences a ransomware attack, resulting in the loss of stolen data

On Sunday 10th of July 2022, WordFly, a major mailing list provider experienced a ransomware attack which resulted in the WordFly website being taken offline as well as data related to their clients being stolen. In an announcement released on Tuesday 19th of July 2022, WordFly stated that their engineering team discovered a network disruption on Sunday 10th of July […]
July 25, 2022

LockBit ransomware group claim to have stolen 78 GB of files from the Italian Revenue Agency

On Monday 25th of July 2022, the LockBit ransomware group listed the Agenzia delle Entrate (Italian Revenue Agency) on their data leak site where they claimed to have stolen 78GB of data and are threatening to leak the allegedly stolen data if a ransom isn’t paid by Sunday 31st of July 2022. LockBit has claimed that the allegedly stolen data […]
Prev page
123456789101112131415161718
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.