October 14, 2022

Microsoft reveals new Prestige ransomware campaign against Ukraine and Poland

On Friday 14th of October 2022, Microsoft released an article where they stated that the new novel ransomware campaign, Prestige ransomware is being used to target transportation and logistics organizations in Ukraine and Poland in ongoing attacks. This ransomware campaign was first Tuesday 11th of October 2022 when a series of attacks were detected within an hour of each other. […]
October 13, 2022

Magniber ransomware targets Windows home users as fake security updates

Recent observations of the Magniber ransomware have revealed that the recent campaign that uses Magniber ransomware has been targeting Windows home users with fake security updates. It was observed in September that the threat actors had created websites that promoted fake antivirus and security updates for Windows 10. These websites hosted malicious ZIP archives that contained JavaScript that initiated an […]
October 4, 2022

Cheerscrypt ransomware has been linked to the Chinese hacking group, Emperor Dragonfly

On Monday 3rd of October 2022, the cyber security company, Sygnia released an article that stated that they had investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs and then on further analysis, it was revealed that Cheerscrypt and Night Sky are both rebrands of the same threat group, dubbed ‘Emperor Dragonfly’. The TTPs that were identified were […]
September 29, 2022

Lesser-known Royal Ransomware ramps up operations with multi-million dollar attacks

Recently, a lesser-known ransomware operation named Royal has been observed ramping up its attacks against serval corporations with ransom demands ranging from $250,000 to over $2 million. The Royal ransomware operation was launched in January 2022 and is believed to be a private group without affiliates that consist of vetted and experienced ransomware actors from previous operations. It was reported […]
September 28, 2022

Bl00Dy Ransomware Gang seen using Leaked LockBit 3.0 builder

Recently, the Bl00Dy Ransomware Gang has been observed using a recently leaked LockBit ransomware builder in attacks against companies. The Bl00Dy Ransomware Gang was first observed operating around May 2022, when they were targeting a group of medical and dental practices in New York. Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after a fallout between a […]
September 20, 2022

A cyberattack against New York Racing Association claimed by the Hive ransomware gang

On Monday 19th of September 2022, the Hive ransomware gang claimed responsibility for an cyberattack that impacted the IT operations of the New York Racing Association (NYRA). The incident also impacted their website availability and has resulted in member data being compromised. On Friday 9th of September 2022, NYRA released a security breach notification that revealed that the threat actors […]
September 17, 2022

New York-based Empress Emergency Medical Services discloses data breach after ransomware attack

On Thursday 14th of July 2022, Empress Emergency Medical Services (EMS), emergency response and ambulance service provider based in New York suffered a ransomware attack. An investigation into the incident revealed that the threat actor had gained access to Empress EMS’ systems on Thursday 26th of May, 2022. The threat actor stayed in their systems until Wednesday 13th of July 2022, […]
September 10, 2022

A growing number of ransomware gangs adopting new intermittent encryption tactic

In recent months, a growing number of ransomware groups have been observing using a new tactic, intermittent encryption that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. This involves encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor and key. This tactic […]
September 6, 2022

FBI releases joint advisory warning of Vice Society ransomware attacks on school districts

On Tuesday 6th of September 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE cybersecurity advisory which revealed that multiple agencies have observed Vice Society threat actors disproportionately targeting the education sector with ransomware attacks. The impacts of ransomware attacks against the education sectors have ranged from restricted access to networks and data, delayed exams, cancelled […]
Prev page
1234567891011121314151617181920212223242526272829
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.