December 6, 2021

Hundreds of SPAR stores across northern England closed after ransomware attack

On Sunday 5th of December 2021, approximately 330 SPAR stores in northern England experienced a ransomware attack that has led to many of the stores having to close or switch to cash-only payments. The affected stores experienced a total IT outage which resulted in tills, credit card payment processing systems, and emails being impacted. Currently, it is unknown which ransomware gang is responsible […]
November 12, 2021

Customers urged to change passwords after German medical software vendor Medatixx experiences ransomware attack

On Friday 12th of November 2021, Medatixx, a German medical software vendor who provides medical software to over 21,000 health institutions, announced they had experienced a ransomware attack which has led to their operations being shut down. Shortly after the attack, they urged their customers and users to change their application passwords and passwords to all their workstations and servers […]
November 2, 2021

FBI warn ransomware gangs are targeting companies during time-sensitive financial events

On Monday 1st of November 2021, the United States Federal Bureau of Investigation (FBI) released a TLP: WHITE private industry notification where they warned that threat actors from ransomware gangs are starting to target companies that involved in significant, time-sensitive financial events like corporate mergers and acquisitions in the hope that these events will encourage these target companies to pay […]
October 26, 2021

FBI releases flash alert against Ranzy Locker ransomware

On Monday 25th of October 2021, the United States Federal Bureau of Investigation (FBI) announced that Ranzy Locker ransomware operators have compromised at least 30 US companies this year from various industry sectors. In a TLP: WHITE flash alert, the FBI states that the victims of the Ranzy Locker ransomware attacks included “the construction subsector of the critical manufacturing sector, […]
September 15, 2021

South Africa’s Justice Ministry experiences delays to their services after ransomware attack

On 9th of September 2021, justice ministry of the South African government released a statement that the Department of Justice and Constitutional Development had experienced a security breach which was caused by ransomware on the evening of 6th September 2021. This attack led to all their information systems being encrypted and therefore unavailable to both internal employees as well as […]
September 7, 2021

The return of REvil? REvil servers are suddenly back online

The operation servers of the REvil ransomware gang, aka Sodinokibi, have just been turned on for the first time since July after their large-scale attack against Kaseya when they used a zero-day vulnerability in the Kaseya VSA remote management software to encrypt around 60 managed service providers (MSPs) and over 1,500 of their business customers. Their disappearance was noticed when […]
August 23, 2021

Italy’s Lazio region’s vaccination registration system down after IT systems were disabled by ransomware attack

On Sunday 1st of August 2021, one of Italy’s largest regions, Lazio region experienced a ransomware attack that caused the region’s IT systems to be disabled. It meant Lazio residents were not able to book new vaccination appointments through the region’s COVID-19 vaccination registration portal as it was also taken down by the attack. Nicola Zingaretti, the region’s president confirmed […]
April 12, 2021

Ireland’s health service forced to drop up to 80% of appointment due to Conti ransomware attack

On the 14th of March 2021, Health Service Executive of Ireland, which is responsible for the provision of health and personal social services in the Republic of Ireland had to take all its IT systems offline after experiencing a Conti ransomware attack early in the morning that left Ireland’s health system paralyzed as up to 80% of appointments had to […]