Ciments Guyanais
April 1, 2022
•[ ransomware, malware, manufacturing ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
ICTV
April 1, 2022
•[ espionage, malware, technology ]
Researchers from Malwarebytes reveal that the cyberespionage actor UAC-0056, also known as SaintBear, UNC2589 and TA471, is using a macro-embedded Excel document to target several entities in Ukraine, including ICTV, a private TV channel.
Russian state officers
March 31, 2022
•[ espionage, malware, government ]
Researchers from Secureworks discover a campaign carried out by the Mustang Panda group targeting Russian state officers with the PlugX remote access tool.
Yip in Tsoi
March 31, 2022
•[ ransomware, leak, malware ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
TIC International Corporation (TIC)
March 30, 2022
•[ ransomware, malware, finance ]
TIC International Corporation (TIC) reports a data breach after the company learned it had been the target of a ransomware attack.
Stago
March 29, 2022
•[ ransomware, malware, manufacturing ]
The RansomEXX ransomware gand drops leaked data samples on their TOR site.
OSSEG Obra Social de Seguros
March 28, 2022
•[ ransomware, malware, healthcare ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
First Choice Community Healthcare
March 28, 2022
•[ ransomware, malware, healthcare ]
The Hive ransomware group claims to have hacked First Choice Community Healthcare.
NuLife Med
March 28, 2022
•[ ransomware, malware, healthcare ]
Vice Society encrypts network and threatens to leak data on their dark web portal ipacting 81,244 individuals.
Universidade Federal de Sao Paulo
March 27, 2022
•[ ransomware, malware, education ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
Russian Federal Air Transport Agency (Rosaviatsia)
March 26, 2022
•[ hack, malware, government ]
An attack on Russian Federal Air Transport Agency infrastructure has erased all documents, files, aircraft registration data and emails from the servers. About 65 terabytes of data was erased. No backup of these data exists due to lack of funds allocated by Russia's Ministry of Finance. The agency's official website (favt.ru) went also down.
Val Verde Regional Medical Center (VVRMC)
March 25, 2022
•[ ransomware, malware, healthcare ]
Val Verde Regional Medical Center (VVRMC) appears to have been the victim of a ransomware attack involving LockBit.
North Carolina A&T State University
March 25, 2022
•[ ransomware, malware, education ]
North Carolina A&T State University is hit with an ALPHV Ransomware attack.
Trant
March 25, 2022
•[ leak, ransomware, malware ]
Documents Leaked on ransomware site.
Partnership HealthPlan of California
March 24, 2022
•[ ransomware, malware, healthcare ]
Partnership HealthPlan of California is hit with a Hive ransomware attack.
Rostec
March 23, 2022
•[ espionage, malware, manufacturing ]
Multiple Chinese APT groups leveraged the Russia and Ukraine war as a lure for cyberespionage operations. The APT groups have been using sanctions-related baits to attack Russian defense institutes, part of the Rostec Corporation. The hackers used new tools, which have not previously been described: a sophisticated multi-layered loader and a backdoor dubbed SPINNER. These tools use advanced evasion and anti-analysis techniques such as multi-layer in-memory loaders and compiler-level obfuscations. The operation targeted defense research institutes in Russia and possibly also in Belarus. The purpose of the backdoor and the operation is likely to collect information from targets inside the high-tech Russian defense industry to support China in its technological advancement.
Establishment of the Agency for the Environmental Protection of the Marche Region
March 23, 2022
•[ ransomware, leak, malware ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
Miratorg Agribusiness Holding
March 22, 2022
•[ ransomware, malware, manufacturing ]
Moscow-based meat producer and distributor Miratorg Agribusiness Holding suffers a major cyberattack that encrypts its IT systems using Windows BitLocker.
Horizon Actuarial Services
March 21, 2022
•[ ransomware, malware, finance ]
Horizon Actuarial Services, a consulting firm that provides actuarial solutions to multiemployer benefit plans, notifies 38,418 individuals of a ransomware cyberattack.
Johnson Memorial Hospital
March 21, 2022
•[ leak, malware, healthcare ]
Johnson Memorial Hospital announces that the personal and protected health information of some of its patients has been exposed as a result of a malware infection at the law firm, Reid and Riege.
