Gandalf_The_Grey
Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,477
This week has been a busy ransomware week, with ransomware attacks having a massive impact on organizations and the fallout of the MOVEit breaches to be disclosed.
BleepingComputer also exclusively broke the story that building and automation giant Johnson Controls International suffered a Dark Angels ransomware attack, with the threat actors claiming to have stolen 27 TB of data from 25 file servers.
The cyberattack was reportedly launched in Asia offices, from which the threat actors spread to the rest of the corporate network. During this time, the attackers claim to have stolen DWG files, engineering documents, databases, confidential documents, and client contracts.
Soon after BleepingComputer broke the news, Johnson Controls submitted a FORM 8-K filing with the SEC, confirming they suffered a cyberattack.
We also continue to see the effects of Clop's massive MOVEit data-theft attacks, with the National Student Clearinghouse warning of a data breach that impacted 890 schools and the BORN Ontario child registry breach impacting 3.4 million people, including patients at the Hospital for Sick Children (SickKids).
Cybersecurity firms, journalists, and law enforcement also released interesting reports this week:
- A threat actor named ShadowSyndicate is linked to 7 ransomware operations.
- Hackers are actively exploiting OpenFire flaws to encrypt servers.
- The Snatch extortion gang left their server status page open, allowing anyone to see who was connecting to the server.
- The FBI warned that ransomware affiliates are accelerating double-encryption attacks.
- A look at Akira's new PowerRanges variant, internally called Megazord.
The Week in Ransomware - September 29th 2023 - Dark Angels
This week has been a busy ransomware week, with ransomware attacks having a massive impact on organizations and the fallout of the MOVEit breaches to be disclosed.
www.bleepingcomputer.com