May 17, 2023

ScanSource warns of delays following ransomware attack

On Tuesday 16th of May 2023, a US-based technology provider ScanSource disclosed that they had suffered a ransomware attack that has impacted some of its systems, business operations, and customer portals. The impact has been significant, as it is expected to cause delays in the provision of services to customers in North America and Brazil. ScanSource has stated in a press […]
May 15, 2023

Cisco Talos reveals RA Group ransomware targeting USA and South Korean organisations

On Monday 15th of May 2023, Cisco Talos revealed a new ransomware group named ‘RA Group’ that is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea. The blog post covering the group revealed that their operation started in April 2023, when they launched a data leak site on the dark web on Sunday […]
May 15, 2023

Data of 5.8 million PharMerica patients stolen by ransomware gang

On Friday 12th of May 2023, a US-based pharmacy services provider PharMerica disclosed that they had suffered a data breach involving the personal information of over 5.8 million patients. According to a data breach notification, the threat actors breached PharMerica’s system on Sunday 12th of March 2023 and stole the full names, addresses, dates of birth, social security numbers (SSNs), medications, […]
May 12, 2023

FBI releases joint advisory warning of Bl00dy ransomware targets education organisation in PaperCut attacks

On Thursday 11th of May 2023, the United States Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint TLP:CLEAR cybersecurity advisory warning organisation that the Bl00dy Ransomware gang is now actively exploiting a PaperCut remote-code execution vulnerability (CVE-2023-27350) to gain initial access to networks. The advisory revealed that the Bl00dy Ransomware Gang attempted […]
May 7, 2023

Kroll reveals new Cactus ransomware that encrypts itself to evade antivirus

On Wednesday 10th of May 2023, Kroll revealed a new ransomware strain named ‘Cactus’ which has been exploiting vulnerabilities in VPN appliances for initial access to networks of large commercial entities since March 2023. The publication covering the strain revealed that the unique feature of the strain is its self-encryption capability. to make it difficult for antivirus software to detect […]
May 5, 2023

Ransomware attack against Constellation Software claimed by ALPHV ransomware gang

On the 4th of May 2023, Constellation Software confirmed that some of its systems were breached by threat actors who also stole personal information and business data. However, they added that the incident did not impact the independent IT systems of Constellation Software’s operating groups and businesses. Constellation Software has stated that it had contained the incident and has now […]
May 4, 2023

Avos ransomware gang hijacks university alert system to issue threats

On Sunday 30th of April 2023, Bluefield University disclosed that the university had suffered a cyberattack that impacted the IT systems, causing all examinations to be postponed. However, at that time it had claimed that its investigation had found no evidence of any cases of financial fraud or identity theft linked to the incident. Although on Monday 1st of May […]
May 3, 2023

Cl0p ransomware attack impacts 783k Brightline patients

This week, Brightline, a pediatric mental health provider released a data notice warning patients that it suffered a data breach impacting 783,606 people following a cyberattack by the Cl0p ransomware gang. It is believed that the ransomware gang used a zero-day vulnerability (CVE-2023-0669) in its Fortra GoAnywhere MFT secure file-sharing platform to steal the data from 130 organisations including Brightline. […]
April 24, 2023

Black Basta claims responsibility for a cyberattack against Yellow Pages Group

Last week, the Black Basta ransomware gang claimed responsibility for a cyberattack against the Yellow Pages Group, a Canadian directory publisher and posted a sample of sensitive documents and data. The posted sample included the following documents: ID documents (such as scans of passports and driver’s licenses) exposing people’s date of birth and address. Tax documents—exposing Social Insurance Number (SIN) Sales and […]
Prev page
1234567891011121314151617181920212223242526272829
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.