Sergiu Gatlan reports: The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets’ Azure cloud storage. While investigating a recent breach, Sophos X-Ops incident responders discovered that the attackers used a new Sphynx variant with added support for using custom credentials. Read more at BleepingComputer.
Category: Malware
Colombia Reports Cyberattack With Impact Across Latin America
The Defense Post reports: Colombia has reported a massive cyberattack affecting dozens of government websites and impacting countries across Latin America. Local media said Thursday that key websites — such as the justice, health, and culture ministries as well as several hospitals — had been affected by a ransomware attack. The presidency said in a…
Caesars Entertainment confirms ransom payment, customer data theft
Sergiu Gatlan reports: Caesars Entertainment, self-described as the largest U.S. casino chain with the most extensive loyalty program in the industry, says it paid a ransom to avoid the online leak of customer data stolen in a recent cyberattack. Caesars discovered on September 7th that the attackers stole its loyalty program database, which stores driver’s…
AlphV responds to MGM incident and sloppy reporting
AlphV has posted a statement about their attack on MGM Resorts. They also post some scathing criticisms of journalists and news outlets for reporting inaccurately and not verifying sources. Of note, their statement also asserts, “The ALPHV ransomware group has not before privately or publicly claimed responsibility for an attack before this point. Rumors were…
Suspected ransomware attack hits Auckland Transport’s Hop cards
1News reports: A suspected ransomware attack is affecting Auckland Transport’s Hop card system, impacting card top-ups and leaving customer service centres with limited functionality. “Early indications are that this is a ransomware attack however our investigations are ongoing,” an Auckland Transport (AT) spokesperson told 1News. No personal or financial data has been accessed. Read more…
IOCTA spotlight report on malware-based cyber-attacks published
Following the Internet Organised Crime Assessment (IOCTA) 2023, today Europol published the spotlight report “Cyber Attacks: The Apex of Crime-as-a-Service”. It examines developments in cyber-attacks, discussing new methodologies and threats as observed by Europol’s operational analysts. The report also outlines the types of criminal structures that are behind cyber-attacks, and how these increasingly professionalised groups are exploiting…