MSP cybersecurity news digest, April 1, 2024

Israeli IT services provider Securinux has been hit by LockBit ransomware

Securinux provides a full range of advanced IT services for MSPs and enterprise customers. They specialize in Linux-based security applications, including firewalls and a variety of internet solutions.

The company was compromised by LockBit ransomware in January, most likely via a phishing email. The criminals exfiltrated around 35GB of data and demanded a ransom of $100,000.

We saw a high volume of threats in Israel in March, with 37.8% of users experiencing at least one malware detection during the month and 22.4% trying to visit a malicious URL at least once.

UAE telecommunications company Etisalat falls victim to the LockBit group

Etisalat is a UAE state-owned telecommunications company. It is the 18th largest mobile network operator in the world by number of subscribers. It was reported on February 16 that LockBit had collected and encrypted thousands of contracts and customers' sensitive data. The ransom demand was $10 million.

Acronis threat intelligence shows that 29.1% of users experienced at least one malware detection during March and 25.5% tried to visit a malicious URL at least once in the United Arab Emirates.

Turkish defense contractor Oyak Savunma Ve Guvenlik Sistemleri A.S. attacked by LockBit

Oyak Savunma Ve Guvenlik Sistemleri A.S. is an enterprise with its main office in Ankara. The company operates in the security systems services sector. On March 15, LockBit announced the contractor as one of its victims, along with the information that they stole, including personal data, contracts and various financial information. The damage was estimated at millions of dollars.

Turkey's cyberspace is not safe: we saw 35% of users experiencing at least one malware detection during March and 24.4% trying to visit a malicious URL at least once.

Bright Wires of Saudi Arabia was compromised by the Qilin ransomware gang

Bright Wires is a representative of many international vendors in Saudi Arabia, and is the kingdom’s leading provider of telecommunication, enterprise information technology and electrical solutions. The Qilin gang named it as their victim on March 7. Bright Wires was most likely compromised with the help of spear phishing, malicious scripts and RDP access via stolen credentials. The cybercriminals exfiltrated miscellaneous documents, including personal data, invoices, financial data, purchase orders, certificates, etc.

Acronis threat intelligence shows that 14.9% of users experienced at least one malware detection during March and 23.4% of Saudis tried to visit a malicious URL at least once.

South African manufacturing company Nampak became another victim of LockBit

Nampak (National Amalgamated Packaging) is a South African company based in Johannesburg that specializes in the manufacturing and design of packaging. Nampak is the largest diversified packaging company in Africa. Using phishing techniques, LockBit compromised it and stole sensitive data, including personal information, financial documents, internal credentials and the results of various experiments. The hack was announced on March 27.

We saw a high volume of threats in South Africa in March with 25.9% of users experiencing at least one malware detection during the month and 21.9% trying to visit a malicious URL at least once.