July 7, 2022

Emsisoft releases free AstraLocker and Yashma ransomware decryptor

On Thursday 7th of July 2022, Emsisoft, a New Zealand-based cybersecurity firm announced that they had released a free decryption tool for AstraLocker and Yashma ransomware which is available for download from Emsisoft’s servers. The decryption tool is based on AstraLocker’s Babuk-based decryptor and Yashma’s Chaos-based decryptor. Emsisoft has warned the victims of these ransomware variants to quarantine the malware […]
July 6, 2022

The University of Maastricht recovers ransom payment from the 2019 ransomware attack

On Saturday 2nd of July 2022, the University of Maastricht announced they had managed to successfully recover a ransom they had paid from a ransomware attack against the university that occurred on December 23, 2019. The ransom demand was 30 Bitcoins which at the time was worth about 197,000 euros ($218,000). But in April this year, the Dutch public prosecution […]
July 4, 2022

AstraLocker ransomware announces shutdown and releases decryptors

This week, the threat actor behind the lesser-known AstraLocker ransomware has reported telling the technology news outlet, BleepingComputer that they are shutting down the operation and plan to switch to cryptojacking. As well as shutting down the operation, the developer also submitted a ZIP archive which contained AstraLocker decryptors to the VirusTotal malware analysis platform. The decryptors have been confirmed […]
June 30, 2022

Macmillan Publishers’s systems were forced offline by a possible ransomware attack

On Monday 25th of June, the book publisher, Macmillan disclosed they had experienced a cyber-attack which has been believed to be a ransomware attack by experts as the publisher had initially stated that a portion of the company’s files had been encrypted and that they had taken protection measures by taking their systems offline to prevent further compromise. Employees of […]
June 30, 2022

FBI releases joint advisory alert against the MedusaLocker ransomware gang

On Thursday 30th of June 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE joint advisory that revealed that the MedusaLocker ransomware gang has predominantly been relying on vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks. This flash alert was released in coordination with CISA, the Department of the Treasury, and FinCEN to provide […]
June 29, 2022

Walmart denies claims of successful attack conducted by Yanluowang ransomware group

On Monday 27th of June 2020, the new Yanluowang ransomware operation claimed in a published entry to their data leak site that they had breached, the American retailer, Walmart and encrypted between 40,000 and 50,000 devices. Additionally, various files were uploaded with the entry which allegedly contains information extracted from Walmart’s Windows domain during the attack. “We encrypted about 40-50k Walmart […]
June 29, 2022

Ex-Canadian government employee linked to NetWalker Ransomware crew pleads guilty to U.S. ransomware charges

On Tuesday 28th of June 2022, 34-year-old Sebastien Vachon-Desjardins pleaded guilty in a US court to conspiring to commit computer and wire fraud, intentionally damaged a protected computer, and transmitted a demand in relation to damaging a protected computer. The former Canadian government employee has been described as “one of the most prolific NetWalker Ransomware affiliates” responsible for extorting said millions […]
June 29, 2022

Ransomware is believed to be the culprit for the cyber attack against Wiltshire Farm Foods

On Sunday 26th of June 2022, Wiltshire Farm Foods, a leading UK producer of frozen ready meals disclosed that its systems had been taken down after experiencing a serious cyber-attack. The incident has resulted in the company being unable to make deliveries to their customers and is unable to contact customers personally due to them not having access to their […]
June 28, 2022

Black Basta ransomware gang are on track to become a highly dangerous group after hitting 50 organisations in just two months

Two recent reports by cyber security researchers have revealed that the new ransomware group known as Black Basta have claimed to have successfully attacked 50 victims in just two months while also revealing that the new group has links to veteran gangs like REvil and Conti. “The Black Basta gang has added nearly 50 victims to their list as of […]
Prev page
1234567891011121314151617181920212223242526272829
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.