Blog

Cymulate’s August 2021 Cyberattacks Wrap-up No summertime vacation for threat actors who were once again very busy during August 2021, launching ransomware attacks against several organizations. The Conti ransomware operators were very active this month, breaching the systems of SAC Wireless, a US-based Nokia subsidiary. They were able to upload the stolen information to their cloud server and to encrypt files on the compromised systems. The FBI has connected Conti to more than 400.

Cymulate’s July 2021 Cyberattacks Wrap-up July 2021 started with an affiliate of the notorious REvil gang conducting a ransomware attack targeting Miami-based information technology firm Kaseya. It infected thousands of victims in at least 17 countries through firms that remotely manage IT infrastructure for multiple customers. The threat actors demanded a ransom of a rumored $50 million that the company stated it did not pay, but instead had obtained a decryption tool from a “third party”. .

Risk is not worth the price While spending money on a good cybersecurity platform is no longer a luxury for companies but a necessity, it’s still an important investment. And like a lot of big purchases, it’s crucial to always kick the tires before you buy or switch. If you don’t, you could regret it. Here’s a recent example: CISO of a large high-tech company was approached by an integrator looking to sell an EDR platform. A product that’s highly rated with great scores and reviews by various.

Cymulate’s June 2021 Cyberattacks Wrap-up June 2021 saw a number of ransomware attacks and ransom payments. Gold Northfield, the REvil ransomware group, launched various attacks targeting high-profile targets. JBS Foods, one of the world’s largest meat producers, paid the equivalent of $11 million to restore its operations in Australia, the USA, and Canada after being infected by REvil. Also Fujifilm fell victim to a ransomware attack by the REvil threat actors using the Qbot Trojan, as did.

Cymulate’s May 2021 Cyberattacks Wrap-up During May 2021, threat actors, quite likely DarkSide, went big-game hunting, hacking the Colonial Pipeline Co., which operates one of the largest U.S. fuel pipelines. The company decided to comply with the ransom demand and paid $5 million to restore operations. Also in May 2021, branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines were hit by ransomware cyberattacks. This cyber attack followed the announcement of.

Cymulate’s April 2021 Cyberattacks Wrap-up Threat actors stepped up their game during April 2021, with ransomware groups finding new ways to increase their profits by putting on corporate victims. For instance, the DarkSide ransomware group is openly approaching stock traders to offer them inside knowledge of their latest corporate victims, which would allow the brokers to short sell the breached company’s stock before any data is leaked and the breach becomes public. The Babuk ransomware group.

Cymulate’s March 2021 Cyberattacks Wrap-up Threat actors were busy during March 2021, breaching major companies such as SITA, a global IT company supporting 90% of the world’s airlines. In this case, the PII belonging to airline passengers was stolen, including their names, card numbers, and status level. In the Netherlands, the stolen personal data of an estimated 7.3 million residents were offered online for sale. The data was stolen from RDC, a company that provides car garages with IT.

  February 2021 remained active by threat actors, launching cyberattacks and new malware strains. We saw that organizations working on COVID-19 vaccines remained popular targets. During the month, threat actors attacked an Oxford University lab, which is researching and producing COVID-19 vaccines. They were able to gain access to its internal systems, including machines used to prepare biochemical samples. In addition to Oxford University, due to the COVID-19 pandemic, overworked hospitals.

*This blog has been updated as of February 21, 2021, with relevant content. A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end-users either by creating new sites that would attract them or by infecting existing websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups, and nation-states alike, and we see the amounts rising. The goal is to swipe username, and password combinations hoping the.

 In January 2021, cybercrime kept thriving, also exploiting the current COVID-19 pandemic for personal gain with hackers leaking stolen Pfizer COVID-19 vaccine data online.   Stolen Data from Pfizer/BioNTech Servers The threat actors breached the European Medicines Agency (EMA) and stole part of its Pfizer/BioNTech COVID-19 vaccine data from its servers. The stolen data included email screenshots, EMA peer review comments, Word documents, PDFs, and PowerPoint presentations. Some of the stolen.