ES: Cosmetics firm added by LockBit Skin and hair products firm Montibello has been added by LockBit3.0 to their leaks page. The listing was added on February 14th but without any filetree or proof. DataBreaches emailed Montibello to see if they would confirm or deny an attack but received no reply. There is nothing on…
Category: Malware
MKS Instruments’ breach notification includes a surprising statement to reassure those affected
Well, this is a bit different. On February 13, MKS Instruments in Massachusetts (the U.S. parent company of the MKS and Atotech group of companies) became aware of a ransomware event. By February 16, they issued a notification letter to former and current employees who may have been affected. Their notification informed employees that, “While…
Update: Wawasee Community School Corporation victim of BlackCat attack
The Wawasee Community School Corporation in Indiana was reportedly the victim of a cyberattack by BlackCat. The threat actors have now leaked what they claim are 9.78 GB of files on their leak site because Wawasee did not pay their demands. Perhaps luckily for Wawasee, the download link is not working at this time. There…
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Chetan Raghuprasad writes: Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP)…
City of Oakland declares state of emergency after ransomware attack
Sergiu Gatlan reports: Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th. Interim City Administrator G. Harold Duffey declared a state of emergency to allow the City of Oakland to expedite orders, materials and equipment procurement,…
Royal Mail refused to pay ‘absurd’ LockBit ransom, chat logs say
Carly Page reports: The LockBit ransomware gang has published what it claims is the full transcript of its negotiations with Royal Mail, which continues to experience disruption due to last month’s cyberattack. The chat logs negotiating the ransom is the first data that LockBit has published following the cyberattack on Royal Mail, which left the British postal service…