With the holidays these past two weeks, there have been only a few known ransomware attacks and little research released.
At the end of December, a new enterprise-targeting ransomware operation called Night Sky was launched, but it is not very active so far.
We also saw an increase in Qlocker and eCh0raix campaigns targeting QNAP NAS devices, leading to QNAP releasing a security advisory.
The most noteworthy information that came out today is a new FBI flash alert warning that FIN7 hackers were sending defense firms malicious USB drives that deployed REvil and BlackMatter ransomware.
Finally, there have been a few ransomware attacks over the past two weeks, including those on FinalSite, Bernalillo County, and SIC.
Now that the holidays are over, we can expect to see more attacks by threat actors and research related to new TTPs.
Contributors and those who provided new ransomware information and stories this week include: @PolarToffee, @LawrenceAbrams, @VK_Intel, @FourOctets, @jorntvdw, @serghei, @Ionut_Ilascu, @DanielGallagher, @struppigel, @malwrhunterteam, @billtoulas, @malwareforme, @demonslay335, @fwosar, @BleepinComputer, @Seifreed, @BrettCallow, @pancak3lullz, @fbgwls245, @brfreed, @campuscodi, and @Amigo_A_.
dnwls0719 found a new Golang ransomware variant that appends the .xyz extension.
Jakub Kroustek found a new STOP ransomware variant that appends the .loov extension.
Jakub Kroustek found a new STOP ransomware variant that appends the .dehd extension.
The Lapsus$ ransomware gang has hacked and is currently extorting Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso, the country’s largest TV channel and weekly newspaper, respectively.
Government buildings in Bernalillo County, New Mexico, were closed to the public Wednesday in response to what appears to be the first ransomware attack this year against a local government in the United States.
FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide.
It’s a new year, and with it comes a new ransomware to keep an eye on called ‘Night Sky’ that targets corporate networks and steals data in double-extortion attacks.
The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group is targeting the US defense industry with packages containing malicious USB devices to deploy ransomware.
QNAP has warned customers today to secure Internet-exposed network-attached storage (NAS) devices immediately from ongoing ransomware and brute-force attacks.
Amigo-A spotted a new Problem Ransomware variant that appends the .problem extension and drops a ransom note named readme.txt.