TRU Security

Greece's largest distributor of natural gas, National Natural Gas System Operator S.A. (or DEFSA), has stated that they've suffered a limited-scope data breach and IT system outage following a cyberattack. Further details were confirmed after their data was leaked by the Ragnar Locker ransomware gang.

The SideWinder APT group was first discovered in 2018, and since earlier this year has been actively targeting military, defense and other industries in South Asia. They used to spread phishing emails with Word files that downloaded additional files to decode, drop and start the malware, which collects and uploads victims’ data to remote servers. They've since infected Android devices with malicious apps in Google Play.

South Staffordshire Water, a British company that supplies clean water to 1.6 million consumers, has confirmed that they were disrupted by a cyberattack. Fortunately, the attack only affected office IT systems and did not impact the water distribution systems, so the water supply is safe.

Cybercrime group RansomHouse claims to have compromised eight Italian districts. The group has published 2.1 TB of exfiltrated data from the IT infrastructures of the union of Tuscan municipalities, in the metropolitan city of Florence.

Argentina's Judiciary of Córdoba has shut down its IT systems and online portal after suffering a ransomware attack, claimed by the new 'PLAY' ransomware operation. The Judiciary confirmed that it has engaged with Microsoft, Cisco and other local specialists to investigate the attack.

Hydrox was first spotted by Twitter user Petrovich on July 29, 2022. On August 3, EnigmaSoft described this threat as a harmful malware that actually wipes users' data. This conclusion was made from a “ransom note” which didn’t actually contain any credentials or links for paying the ransom.

Multi-national tech conglomerate Cisco has confirmed that the Yanluowang ransomware gang breached its corporate network in late May, and that the group tried to extort them by threatening to leak stolen files online. The Yanluowang gang claims to have stolen 2.8 GB of data, consisting of approximately 3,100 files which Cisco has described as "not sensitive."