Last week we reported the colonial pipeline Ransomware Attack which eventually disrupted the operations for around 6 days and made the pipeline cough up $5 Million in Ransom. Darkside Ransomware Service, responsible for the attack has reportedly announced the closure of their affiliate program. DarkSide also said, they are releasing decryption tools for all of the companies that have been ransomed.
This decision follows what is assumed by retaliatory actions in which their servers were seized and money of advertisers and founders was transferred to an unknown account. Earlier US President Joe Biden signed an executive order on improving the nation’s Cybersecurity which also included Softwares and Incident Response as part of it.
Healthcare continues to be a primary target for many Ransomware Gangs which was reported earlier in our report. Ireland’s health services, Irish Department of Health and Health Service Executive have been targeted in a major Ransomware attack. The attackers have reportedly asked for a Ransom of 20 Million. The attack is carried out by using a brand new variant of Conti Ransomware which is also known for stealing the victim’s information. The attack has severely impacted many services including outpatient care, Cancer, Stroke treatment and more.
As per a report from Reuters, French insurer Axa said on Sunday that one of its businesses in Asia was hit by a ransomware attack, adding that it was investigating after some data processed in Thailand was accessed.
The group said the cyber attack had targeted its Asia Assistance division, impacting IT operations in Thailand, Malaysia, Hong Kong and the Philippines.
On Friday the 14th, Cisco announced their intent to acquire Kenna Security, a recognised leader in risk-based vulnerability prioritisation. Kenna has over 14 million assets protected and over 12.7 billion managed vulnerabilities. Using data science and real-world threat intelligence, it is known to have a proven ability to bring data in from a multi-vendor environment and provide a comprehensive view of IT vulnerability risk.
Checkpoint Research published the data for top 10 Malwares, Vulnerabilities and Android malwares for the month of April. Dridex Trojan, used by many RAAS as initial payload has remained over the top. This makes for an interesting read and we recommend viewers to check it out here.
Take care and stay safe and we will keep you updated on what’s latest in Cybersecurity.