X-Industry

Encevo Group, an energy corporation based in Luxembourg, is dealing with an ongoing cyberattack by ransomware-as-a-service gang BlackCat.  Some digital services are still disrupted 12 days after the attack began, but the company says that energy supply has not been affected.  BlackCat is believed by researchers to retain hackers of DarkSide, the now-defunct ransomware group that attacked US gas provider Colonial Pipeline in 2021. 

Encevo Group cyberattack: In a dark web blog post on 29 July, Bla

There are many things you can do to protect yourself against cyberattacks but if you still do not remember the basics, then your organization is an easy target for cyber criminals.  Please review what Red Sky Alliance recommends at the end of this article.

A security vulnerability that was left unpatched for three years allowed a notorious cyber-criminal gang to breach a network and plant ransomware.  The BlackCat ransomware attack against the undisclosed organization took place in March 2022

Ransomware is a constant thorn in the side of cyber security professionals worldwide.  Hive Ransomware stormed onto the scene in June of 2021 and in their first six months, from June to December of 2021 they managed to compromise 355 companies.  The group made headlines for targeting IT, real estate, and healthcare organizations, prompting an FBI Alert sharing the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the group in late August.

Recently the

Activity Summary - Week Ending on 22 December 2021:

• Red Sky Alliance identified 30,069 connections from new IP’s checking in with our Sinkholes
• dauction.ru Still has Issues after 4 weeks !
• Analysts identified 5,039 new IP addresses participating in various Botnets
• Log4j Vulnerability
• BlackCat
• AgentTesla Additions
• Iran Hackers
• Cyber and Medical Devices
• Attacking K-12 School Apps
• Cyber Port Protection
• Finite Recruitment

Link to full report: IR-21-356-001_weekly356.pdf