Retch is a new ransomware variant first discovered in mid-August 2023. It encrypts files on compromised machines and leaves two ransom notes asking victims to pay a ransom for file decryption.
Infection Vector - Information about the infection vector used by the Retch ransomware threat actor is not currently available. However, it is unlikely to be significantly different from other ransomware groups.[1] Retch ransomware samples have been submitted to a public file scanning service from the f
The media is full of stories about cyber threats, attacks, and ransomware demands, and why is this the norm? Digital transformation creates larger data estates, opening new avenues of attack for cybercriminals. Bad actors’ tactics are sophisticated and constantly evolving, making it difficult for companies to stay ahead of emerging threats. Cyber threat intelligence gives businesses the information and capabilities they need to refine their defenses continually.
Targeted cyber threat intelli
Cyber security refers to every aspect of protecting a company or organization as well as its employees and assets from online threats. For all of us in animal agriculture, cybersecurity is no longer just about avoiding those sketchy phishing emails or resetting our passwords. It’s about being aware of our online presence and how that may make us vulnerable to individuals or groups looking to gain access to sensitive information with the intent to target our farms or companies.[1]
Recently, the
DoDo ransomware was first reported last February of 2023. It is a variant of the widely reported and observed Chaos ransomware. Because it is a derivative, the DoDo ransomware is not considered new and recent. However, a slightly different version of the DoDo ransomware has recently emerged, described below.[1]
Infection Vector - DoDo ransomware samples have the “Mercurial Grabber” file icon, which indicates the ransomware was likely distributed as such. Mercurial Grabber is an open-source m
Microsoft spokesmen disclosed on 17 August 2023 that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's threat intelligence team said in a series of posts on X (formerly Twitter). "This Bla
A known ransomware group on 21 August 2023 started publishing data allegedly stolen from the systems of Japanese watchmaking company Seiko https://www.seikowatches.com. Seiko revealed on 10 August 2023 that it had identified a possible data breach on 28 July 2023, with someone gaining access to at least one server. An investigation showed that some information may have been compromised. “The Company and all our Group companies kindly ask our customers and business partners to contact us imm
A security alert was issued last Friday after a cyber-attack on the Election Commission of Pakistan (ECP). The electoral watchdog has urged all employees to take the necessary precautions in the wake of the situation. All ECP staff were ordered not to open emails which could possibly lead to precious data being leaked. The letter dated 6 July, titled “Cyber Security Alert” and written by the ECP Information Security Specialist who shared a screengrab of an email sent to an ECP official that a
EU Health Sector: Ransomware Accounts for 54% of Cybersecurity Threats
The European Union Agency for Cybersecurity (ENISA) released a report on 5 July with its first cyber threat landscape for the health sector. The report found that ransomware accounts for 54% of cybersecurity threats in the health sector.
The comprehensive analysis maps and studies cyberattacks, identifying prime threats, actors, impacts, and trends for a period of over 2 years, providing valuable insights for the healthcare
The Office of the Australian Information Commissioner (OAIC) says some of its files were stolen in a ransomware attack on law firm HWL Ebsworth https://hwlebsworth.com.au.
One of the largest law firms in Australia, HWL Ebsworth, says in an incident notice on its website that it became aware of the incident on 28 April 2023, after the ALPHV_BlackCat ransomware gang boasted about the hack, and that it immediately informed the Australian authorities and started investigating the incident.[1]
See:
The US Department of Energy and several other federal agencies were compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments. Still, the impact was not expected to be great, Homeland Security officials said on 15 June 2023. But for others, among what could be hundreds of victims from industry to higher education, including patrons of at least two state motor vehicle agencies, the hack was beginning to show some serious impa
On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The below report aims to provide readers with brief insights into the evolving ransomware landscape variants.
Big Head Ransomware Overview – Researchers recently came across a new ransomware variant called Big Head, which came out in May 2023. Although there are at least three variants of Big Head ransomware, all are designed to encry
Schools face evolving cyber threats in an increasingly digital educational landscape. Insider errors, ransomware attacks, and vendor vulnerabilities require a strong focus on cyber hygiene and awareness to safeguard sensitive data, says the CEO of ManagedMethods. Although we talk about the seriousness of the cybersecurity threat in education a lot, it is worth repeating this alarming Microsoft statistic 6,110,425 (80.1% of the global total) Opens a new window enterprise malware encounter in th
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
The number of organizations impacted by ongoing hacks of the software MOVEit is continuing to mount as entities from airlines to universities to the Department of Energy confirm their information was among a series of recent data breaches largely blamed on a Russian-speaking criminal group.
Transportation agencies in Oregon and Louisiana have warned millions of residents their identities are at risk after a cyberattack Thursday stole names, addresses and social security numbers.[1] Louisiana of
