October 30, 2021

Chaos ransomware variant targets Minecraft players in Japan

On Thursday 28th of October 2021, cyber security researchers from FortiGuard Labs released a report revealing they had recently discovered a variant of the Chaos ransomware that is being used to target Minecraft players in Japan. The FortiGuard Labs researchers have stated that this variant is unique due to the fact they not only encrypt certain files of a size smaller […]
October 27, 2021

Grief ransomware gang adds the National Rifle Association of America as a victim

On Wednesday 27th of October 2021, the Grief ransomware gang added The National Rifle Association of America (NRA) to their data leak as a victim of one of their attacks. The gang provide evidence of the attack in the form of screenshots of Excel spreadsheets containing US tax information and investment amounts. They have also leaked a 2.7 MB archive titled ‘National […]
October 26, 2021

FBI releases flash alert against Ranzy Locker ransomware

On Monday 25th of October 2021, the United States Federal Bureau of Investigation (FBI) announced that Ranzy Locker ransomware operators have compromised at least 30 US companies this year from various industry sectors. In a TLP:WHITE flash alert, the FBI states that the victims of the Ranzy Locker ransomware attacks included “the construction subsector of the critical manufacturing sector, […]
October 22, 2021

All extortion gangs called on to attack US interests by Groove ransomware gang

On Friday 22nd of October 2021, the Groove ransomware gang released a blog post in Russian which calls for all other ransomware operations to target US interests. This blog comes about after REvil was taken down because of an international law enforcement operation that included support from the FBI. “I urge not to attack Chinese companies, because where do […]
October 22, 2021

A data breach investigated by GPDP after ransomware attack on SIAE

On Thursday 21st of October 2021, the Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) announced they were investigating a data breach of Società Italiana degli Autori ed Editori, which is Italy’s copyright protection government agency. Currently the GPDP is stating that the investigation is looking at whether threat actors were able to steal the personal […]
October 21, 2021

Evil Corp launch new Macaw Locker ransomware to evade US sanctions

Recently, a new ransomware called Macaw Locker, launched by Evil Corp, has entered the ransomware space. It is believed that Evil Corp have released this new ransomware to evade US sanctions that prevent victims from making ransom payments. This is not the first time that Evil Corp have released a new ransomware to evade the US sanctions that were placed […]
October 21, 2021

Carbanak hacking group enters ransomware space by creating a fake cybersecurity company

On Thursday 21st of October 2021, researchers at Gemini Advisory released a blog detailing evidence that the FIN7 (aka ‘Carbanak’) hacking group has set up a fake cybersecurity company known as Bastion Security, which was being used to hire pentesters and system administrators to conduct pre-encryption stages of ransomware attacks. Researchers discovered that the Bastion Security website was made up of stolen and […]
October 21, 2021

Ecuador’s largest bank’s system shut down for multiple days after cyber attack

During the weekend of the 10th of October 2021, Banco Pichincha, Ecuador’s largest private bank, experienced a cyberattack that led to disruption to their operations and meant that their ATM and online banking portal were taken offline. Due to the shutdown of their IT system, employees are notified that bank applications, email, digital channels, and self-services will not be operational […]
October 19, 2021

Free BlackByte ransomware decryptor released after AES encryption key was reused

On Thursday 15th of October 2021, a free decryptor for the BlackByte ransomware and a SpiderLabs blog detailing the process of decrypting the ransomware were released to the public to allow past victims to recover their files for free. Researchers had found that the ransomware was downloading an image file called ‘forest.png’ from a remote malicious site under the control […]