Weekly Ransomware Roundup: August 26th - 30th, 2024

Connecticut Nonprofit Pays $1 Million Ransom After Sophisticated Cyberattack

The ARRL nonprofit was hit by a coordinated ransomware attack on May 15th that compromised their on-site and cloud systems running Windows and Linux. They paid the $1 million ransom demand after tense negotiations and now offer credit monitoring while establishing an IT security committee to prevent future attacks. Read more

BlackSuit Ransomware Exposes Data of 950,000 Individuals in Software Vendor Breach

The BlackSuit ransomware group breached Young Consulting on April 10th, exfiltrating the personal data of 954,177 individuals, including names, SSNs, DOBs and insurance details, over 3 days before encrypting systems. The data exposure includes business contracts, employee passports and financial audits from Young Consulting's compromised network. Read more

Sea-Tac Airport Hit by Cyberattack, Disrupting Services and Websites

A cyberattack on August 25th disrupted Sea-Tac airport operations like baggage handling, terminal screens and boarding passes by compromising their network. Services remained down for days, resulting in thousands of missing bags and flight delays. Read more

Patelco Credit Union Suffers Ransomware Data Breach, Affecting 726,000 Customers

The RansomHub group exploited Patelco's network on May 23rd to steal the data of 726k customers, including full name, Social Security number (SSN), driver's license number, DOB and email address, and published it on August 15th. Patelco offered credit monitoring and warned customers of the risks of phishing, social engineering and scams after the two-week service shutdown to contain the breach. Read more

SaaS Downtime: How Single Points of Failure Disrupt Entire Industries

Software as a Service (SaaS) solutions have become the backbone of countless industries. From automotive and finance to education and healthcare, these platforms offer efficiency, convenience, and a wealth of features. However, a critical vulnerability lurks within many SaaS environments: single points of failure (SPoFs). When an SPoF in a SaaS platform is compromised, the impact can be widespread, affecting all users and leading to significant disruptions. Read more

French Government Websites Under Siege Following Telegram CEO Arrest

Key French government websites face DDoS attacks in protest against Pavel Durov's arrest, which led to outrage online. DDoS attacks flood targeted servers with traffic to cripple accessibility. Durov's detention for charges including laundering and fraud sparked global concerns and a decline in associated cryptocurrencies like Toncoin. Read more

Weekly Ransomware Roundup: August 19th - 23rd, 2024

Microchip Technology Cyberattack: Manufacturing Incapacitated

US chipmaker Microchip Technology detected a cyberattack on August 17th compromising its IT systems, subsequently confirming unauthorized access on August 19th. Isolating impacted systems caused manufacturing facilities to operate at less than normal levels, disrupting order fulfillment. The tactics and techniques used in the attack are still unknown. Read more

Toyota Confirms Third-Party Data Breach Impacted its Customers

A threat actor claiming to be ZeroSevenGroup hacked a US branch of Toyota and stole 240GB of files from a backup server containing customer, employee, and financial data on December 25. This included credentials used to further exploit Toyota's network infrastructure using ADRecon. Toyota confirmed a third-party entity processed by them was compromised, impacting an unknown number of customers. Read more

CISA Warns of Critical Jenkins RCE Bug Exploited in Ransomware Attacks

CISA issued a warning regarding a critical RCE vulnerability (CVE-2024-23897) in widely used automation server Jenkins, allowing attackers to execute malicious code via CLI. Threat actors like IntelBroker have exploited this bug to breach organizations. Federal agencies must patch vulnerable Jenkins servers in 3 weeks as the bug is actively being used in ransomware attacks disrupting operations. Read more

CannonDesign Confirms Avos Locker Ransomware Data Breach

Hackers breached CannonDesign's network between January 19-25, 2023, deploying the Avos Locker ransomware and stealing over 5.7TB of sensitive data including client PI, project details and IT infrastructure records. After failing to extort payment, the Avos Locker gang published the stolen data on hacking forums and leak sites in September 2023 and February 2024, impacting over 13,000 clients. Read more

Qilin (Agenda) Ransomware: Threats, Techniques, And Prevention

Qilin ransomware uses Golang and Rust for high performance and evasion. Learn how it encrypts files while also stealing data, and how it targets healthcare and education. Discover strategies to protect critical data like user awareness training, backups and patching. Ensure your systems are secure from this evolving threat - check out the full blog to up your ransomware prevention game. Read more

Flint Reeling from Ransomware Attack, City Services Disrupted

The city of Flint, Michigan fell victim to a ransomware attack on August 14th, believed to be LockBit, which compromised its internal network and internet access, crippling online services. Residents could not pay bills or access information online, disrupting essential services at a sensitive time amid an ongoing water crisis. IT is working with the FBI and experts to investigate and recover data. Read more

Weekly Ransomware Roundup: August 12th - 16th, 2024

AutoCanada Cyber Attack, Ransomware Impacted Internal IT Systems

AutoCanada, a large Canadian automotive retailer, disclosed being impacted by a ransomware attack. The ransomware infiltrated their IT networks and systems, potentially disrupting operations and accessing sensitive business and customer data. The attack has strained AutoCanada's infrastructure as they work to restore services and evaluate improving network defenses. This incident comes after recent outages from their supplier CDK, also due to ransomware. Read more

Massive National Public Data Breach may have Exposed Personal Information of Billions, Lawsuit Claims

A class action lawsuit has been filed against a background check company alleging their failure to properly secure the personally identifiable information of billions of individuals collected from non-public sources. This supposedly led to a massive data breach where a threat actor claimed to have placed a database containing names, addresses, social security numbers and relatives' information from 2.9 billion US citizens for sale online after leaking it. Read more

Ohio School Board Association (OSBA) Hit by Ransomware Attack

The Ohio School Board Association (OSBA), which provides critical support services to over 700 Ohio school districts, discovered their network and systems were infiltrated by ransomware which disrupted operations right before the new school year. They had to immediately cut internet access and retained specialists to investigate the attack which could impact school board advocacy, training and resources. Read more

APT31 and APT27 Target Russian Organizations in Sophisticated Cyberespionage Campaign

Cybersecurity researchers uncovered a targeted campaign dubbed "EastWind" conducted by APT31 and APT27 against Russian government agencies and IT companies utilizing multi-staged malware implantation tactics via phishing emails. They deployed customized backdoors, trojans and payloads like "GrewApacha", "CloudSorcerer" and an undisclosed backdoor named "PlugY" to infiltrate networks while avoiding detection. Read more

Zero-Day Exploits: The Silent Assassins of Enterprise Security

Zero days stealthily exploit unknown flaws to slip past defenses. These invisible assassins derive from undetected vulnerabilities within software, hardware or firmware that remain unpatched. By weaponizing these flaws and hijacking systemic functions, attackers easily execute their malicious payload. Zero days pose a serious threat, so read our blog to uncover how these silent threats operate and strengthen your protections. Read more

Australian Gold Mining Ransomware Attack: Mining Giant Hit by a Cyberattack

Large Australian gold miner Evolution Mining announced it detected ransomware on its IT systems on August 8th, disrupting operations. They promptly engaged forensic experts to investigate and contain the situation with no material impact expected. The details of the ransomware variant or attack vector used were not disclosed. Read more

Weekly Ransomware Roundup: August 5th - 9th, 2024

'The Biggest Fraud Are All Those Fees' — Customers Express Fury Over Ticketmaster Data Breach Notification Letters

Ticketmaster alerted customers of a ransomware occurrence that compromised databases with contact and financial information. This ignited a blizzard of fury on online platforms as customers questioned shelling out expensive service charges that don't even guarantee fundamental encryption of their sensitive info. Others complained of financial losses. Read more

Nearly Three Billion People's Personal Data Exposed in Major National Public Data Breach

An infamous hacker collective ‘USDoD’ infiltrated the deficient security protections of a background screening firm, plundering over 277GB of sensitive personal info belonging to 2.9 billion people. Due to the company's negligent failure to safeguard such an immense trove of private user data, a class action lawsuit now seeks damages and remedies for impacted individuals. Read more

Kadokawa Data Breach Compromises Personal Data of Over 250,000 Individuals

The publishing firm Kadokawa found out more than a quarter million client records were revealed after cybercriminals infiltrated interior systems using stolen login credentials. They achieved access to a department's databases and purloined names, contact information, monetary particulars and academic histories - some of which ended up distributed publicly online. Read more

Judge Rules NSO Group Does Not Need to Provide Additional Witnesses in Pegasus WhatsApp Lawsuit

The judge turned down WhatsApp's petition to question extra NSO Group executives in Israel or secure added documents concerning use of Pegasus hacking tools on WhatsApp. While WhatsApp argued three leaders' statements were lacking, the judge decided their testimony sufficiently illuminated company operations. This bars WhatsApp from uncovering supplementary technical specifics relating to security breaches. Read more

Breaking for Ransom: Can the Automotive Industry Outrun Ransomware Threats?

Ransomware is laying siege to automakers, attacking sensitive data and crippling production. From encrypted IP to disrupted supply chains, these hackers deal critical damage. AI and immutable backups provide the best defense, rapidly detecting anomalies and restoring operations. Learn how the automotive industry can defend against ransomware attacks and secure their networks. Read more

Hunters International Ransomware Gang Targets IT Workers with New SharpRhino Malware

The ransomware group ‘Hunters International’ is focusing on technical professionals through SharpRhino malware downloaded from a duped IP address lookup website. It abuses PowerShell to stealthily run payloads and executes scripts altering system settings, making folders for command connections, and permitting actions like launching a calculator. It also tries to gain elevated access before encryption. Read more
