Japan's Tokio Marine is the latest insurer to be victimized by ransomware August 17, 2021 https://www.cyberscoop.com/tokio-marine-ryan-specialty-group-ransomware-cyber-insurance/
New analysis of Diavol ransomware reinforces the link to TrickBot gang August 18, 2021 https://securityaffairs.co/wordpress/121251/malware/diavol-ransomware-trickbot-gang.html IBM X-Force: Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang
Conti ransomware prioritizes revenue and cyberinsurance data theft August 17, 2021 https://www.bleepingcomputer.com/ne...itizes-revenue-and-cyberinsurance-data-theft/
Data Stolen as Social Housing Group Suffers Ransomware Attack August 19, 2021 https://www.infosecurity-magazine.com/news/data-stolen-social-housing/
Ransomware attack on Department of Conservation August 20, 2021 https://www.stuff.co.nz/timaru-herald/news/126140104/ransomware-attack-on-department-of-conservation
SynAck ransomware decryptor lets victims recover files for free August 20, 2021 https://www.bleepingcomputer.com/ne...ecryptor-lets-victims-recover-files-for-free/ Emsisoft Decryptor for SynAck
The Week in Ransomware - August 20th 2021 - Exploiting Windows August 20, 2021 https://www.bleepingcomputer.com/ne...nsomware-august-20th-2021-exploiting-windows/
The Week in Ransomware - September 3rd 2021 - Targeting Exchange https://www.bleepingcomputer.com/ne...omware-september-3rd-2021-targeting-exchange/
Ransomware gangs target companies using these criteria https://www.bleepingcomputer.com/ne...-gangs-target-companies-using-these-criteria/
"[Ragnar Locker] Ransomware gang threatens to leak data if victim contacts FBI, police... The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. In an announcement published on Ragnar Locker's darknet leak site this week, the group is threatening to publish full data of victims who seek the help of law enforcement and investigative agencies following a ransomware attack. The threat also applies to victims contacting data recovery experts to attempt decryption and conduct the negotiation process..." https://www.bleepingcomputer.com/ne...s-to-leak-data-if-victim-contacts-fbi-police/
REvil ransomware's servers mysteriously come back online https://www.bleepingcomputer.com/ne...mwares-servers-mysteriously-come-back-online/
"Howard University cancels classes after ransomware attack Washington, D.C’s Howard University has canceled classes after becoming the latest educational institution to be hit by a ransomware attack..." https://techcrunch.com/2021/09/07/howard-university-cancels-classes-after-ransomware-attack/
"Technology giant Olympus hit by BlackMatter ransomware... Olympus is recovering from a ransomware attack that began in the early morning of September 8... A ransom note left behind on infected computers claimed to be from the BlackMatter ransomware group... BlackMatter is a ransomware-as-a-service group that was founded as a successor to several ransomware groups, including DarkSide, which recently bounced from the criminal world after the high-profile ransomware attack on Colonial Pipeline, and REvil, which went silent for months after the Kaseya attack flooded hundreds of companies with ransomware... Since the group emerged in June, Emsisoft has recorded more than 40 ransomware attacks attributed to BlackMatter..." https://techcrunch.com/2021/09/12/technology-giant-olympus-hit-by-blackmatter-ransomware/
"Bitdefender launches free REvil ransomware decryptor... Any REvil victim that was hit prior to July 13, 2021 can download the universal decryption tool from Bitdefender... Developed with assistance from an undisclosed law enforcement partner, the decryption tool can be downloaded from Bitdefender’s website for free, along with a step-by-step tutorial on how to use it. Decryptors provided by the REvil gang in the past have gained a reputation for being slow and unreliable, leaving many victims not much better off, but Botezatu said that because the new tool had been developed from scratch, it could be used in confidence..." https://www.computerweekly.com/news/252506780/BitDefender-launches-free-REvil-ransomware-decryptor Bitdefender decryptor: https://www.bitdefender.com/blog/la...al-decryptor-for-revil-sodinokibi-ransomware/ Bitdefender tutorial: https://www.nomoreransom.org/uploads/REvil_documentation.pdf
The Week in Ransomware - September 17th 2021 - REvil decrypted September 17, 2021 https://www.bleepingcomputer.com/ne...nsomware-september-17th-2021-revil-decrypted/
Second farming cooperative shut down by ransomware this week September 22, 2021 https://www.bleepingcomputer.com/ne...ooperative-shut-down-by-ransomware-this-week/
Major European call center provider goes down in ransomware attack September 24, 2021 https://therecord.media/major-european-call-center-provider-goes-down-in-ransomware-attack/
The Week in Ransomware - September 24th 2021 - Targeting crypto September 24, 2021 https://www.bleepingcomputer.com/ne...somware-september-24th-2021-targeting-crypto/
United Health Centers ransomware attack claimed by Vice Society https://www.bleepingcomputer.com/ne...rs-ransomware-attack-claimed-by-vice-society/
The Week in Ransomware - October 1st 2021 - "This was preventable" October 1, 2021 https://www.bleepingcomputer.com/ne...omware-october-1st-2021-this-was-preventable/
Pottawatomie Co. pays hackers to restore computer systems after cyber attack October 1, 2021 https://www.wibw.com/2021/10/01/pot...-restore-computer-systems-after-cyber-attack/
Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers October 5, 2021 https://securityaffairs.co/wordpress/122993/malware/ransomware-gang-script-vmware-esxi.html Sophos: Python ransomware script targets ESXi server for encryption
New File-Locking Malware With No Known Decryptor Found DSCI: Ransomware Alkhal Likely Spread Via Phishing, Malicious URLs October 4, 2021 https://www.bankinfosecurity.asia/new-file-locking-malware-no-known-decryptor-found-a-17673