October 4, 2022

Cheerscrypt ransomware has been linked to the Chinese hacking group, Emperor Dragonfly

On Monday 3rd of October 2022, the cyber security company, Sygnia released an article that stated that they had investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs and then on further analysis, it was revealed that Cheerscrypt and Night Sky are both rebrands of the same threat group, dubbed ‘Emperor Dragonfly’. The TTPs that were identified were […]
October 2, 2022

Vice Society Ransomware gang releases stolen data from the LAUSD school system

On Sunday 2nd of October 2022, the Vice Society Ransomware gang published data and documents that were stolen from the Los Angeles Unified School District during a ransomware attack at the start of September. The release of the stolen data was confirmed by LAUSD superintendent Alberto M. Carvalho in a statement posted to Twitter. “Unfortunately, as expected, data was recently […]
September 20, 2022

A cyberattack against New York Racing Association claimed by the Hive ransomware gang

On Monday 19th of September 2022, the Hive ransomware gang claimed responsibility for an cyberattack that impacted the IT operations of the New York Racing Association (NYRA). The incident also impacted their website availability and has resulted in member data being compromised. On Friday 9th of September 2022, NYRA released a security breach notification that revealed that the threat actors […]
September 17, 2022

New York-based Empress Emergency Medical Services discloses data breach after ransomware attack

On Thursday 14th of July 2022, Empress Emergency Medical Services (EMS), emergency response and ambulance service provider based in New York suffered a ransomware attack. An investigation into the incident revealed that the threat actor had gained access to Empress EMS’ systems on Thursday 26th of May, 2022. The threat actor stayed in their systems until Wednesday 13th of July 2022, […]
September 15, 2022

Cyberattack against Bell Canada subsidiary claimed by Hive ransomware gang

The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS). Within the data leak entry, Hive claims that they encrypted BTS’ systems almost a month ago, on Saturday 20th of August 2022. Even though BTS hasn’t disclosed when its network was breached or how the attack occurred, Bell Canada […]
September 10, 2022

A growing number of ransomware gangs adopting new intermittent encryption tactic

In recent months, a growing number of ransomware groups have been observing using a new tactic, intermittent encryption that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. This involves encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor and key. This tactic […]
September 1, 2022

Government of Montenegro confirms ransomware attack, Cuba ransomware group claim responsible

On Wednesday 31st of August 2022, the government of Montenegro confirmed that ransomware was responsible for the damage and disruptions that have impacted its critical infrastructure. Public Administration Minister Maras Dukaj stated on local television that an organised cybercrime group was behind the attack. The minister was quoted saying that a “special virus” is used in the attack and there […]
August 11, 2022

UK NHS services still recovering after ransomware attack against British MSP

On Thursday 4th of August 2022, Advanced, a British managed service provider (MSP) suffered a ransomware attack that occurred in the early morning. The incident resulted in seven of the solutions that Advanced offer being impacted. One of Advanced’s main customers was United Kingdom’s National Health Service (NHS) where emergency services (111) were disrupted due to the incident. When the […]
August 10, 2022

7-Eleven Denmark confirms store closures as a result of a ransomware attack

On Monday 8th of August 2022, 7-Eleven Denmark experienced a ransomware attack that resulted in the closure of 175 stores across Denmark as they were not able to accept payment or use their cash register. The incident was confirmed via a statement on Facebook. “This is a so-called ransomware attack, where the criminals have forced access to the network and […]
Prev page
12345678910111213141516171819
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.