October 26, 2022

Medibank confirm that a ransomware group accessed all its customers’ personal data

On Wednesday 12th of October 2022, one of Australia’s largest private health insurance providers, Medibank Private Limited identified unusual activity which was discovered to be a precursor to a ransomware attack. In response, Medibank immediately took down parts of its IT systems to contain the threat and therefore disrupted its online services. “Our ongoing investigation has found the unusual activity […]
October 25, 2022

Hive ransomware group starts to leak data from a ransomware attack on Tata Power

On Tuesday 25th of October 2022, the Hive ransomware group claimed responsibility for a cyber attack that was disclosed on Friday 14th of October 2022 by a subsidiary of the multinational conglomerate Tata Group, Tata Power. They stated that they encrypted Tata Power’s data on Monday 3rd of October 2022. It is believed that the ransom negotiations failed as Hive […]
October 17, 2022

German newspaper stops circulation after a ransomware attack

On Friday 14th of October 2022, the german newspaper ‘Heilbronn Stimme’ experienced a ransomware attack that crippled its printing systems as well as phone and email services. On Saturday, the newspaper released an “emergency” six-page edition while all planned obituaries were posted on the website and today, they published a 28-page issue in an e-paper format. The Editor-in-chief Uwe Ralf […]
October 14, 2022

Dutch National Police trick DeadBolt ransomware out of 155 decryption keys

On Friday 14th of October 2022, the Dutch National Police, in collaboration with cybersecurity firm Responders.NU released a statement that revealed the collaboration was able to trick the DeadBolt ransomware group into handing over 155 decryption keys by faking ransom payments. “The police paid, received the decryption keys, and then withdrew the payments. These keys allow files such as treasured […]
October 14, 2022

Microsoft reveals new Prestige ransomware campaign against Ukraine and Poland

On Friday 14th of October 2022, Microsoft released an article where they stated that the new novel ransomware campaign, Prestige ransomware is being used to target transportation and logistics organizations in Ukraine and Poland in ongoing attacks. This ransomware campaign was first Tuesday 11th of October 2022 when a series of attacks were detected within an hour of each other. […]
October 13, 2022

Magniber ransomware targets Windows home users as fake security updates

Recent observations of the Magniber ransomware have revealed that the recent campaign that uses Magniber ransomware has been targeting Windows home users with fake security updates. It was observed in September that the threat actors had created websites that promoted fake antivirus and security updates for Windows 10. These websites hosted malicious ZIP archives that contained JavaScript that initiated an […]
October 4, 2022

Cheerscrypt ransomware has been linked to the Chinese hacking group, Emperor Dragonfly

On Monday 3rd of October 2022, the cyber security company, Sygnia released an article that stated that they had investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs and then on further analysis, it was revealed that Cheerscrypt and Night Sky are both rebrands of the same threat group, dubbed ‘Emperor Dragonfly’. The TTPs that were identified were […]
September 29, 2022

Lesser-known Royal Ransomware ramps up operations with multi-million dollar attacks

Recently, a lesser-known ransomware operation named Royal has been observed ramping up its attacks against serval corporations with ransom demands ranging from $250,000 to over $2 million. The Royal ransomware operation was launched in January 2022 and is believed to be a private group without affiliates that consist of vetted and experienced ransomware actors from previous operations. It was reported […]
September 28, 2022

Bl00Dy Ransomware Gang seen using Leaked LockBit 3.0 builder

Recently, the Bl00Dy Ransomware Gang has been observed using a recently leaked LockBit ransomware builder in attacks against companies. The Bl00Dy Ransomware Gang was first observed operating around May 2022, when they were targeting a group of medical and dental practices in New York. Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after a fallout between a […]
Prev page
12345678910111213141516171819202122232425262728293031
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.