TRU Security

The LockBit ransomware gang has announced that it is working to take its operation to the triple-extortion level. The gang is now looking to add DDoS as an extortion tactic on top of encrypting data and exfiltrating it (to threaten future leaks).

Baker & Taylor, the world's largest distributor of books to libraries worldwide, confirmed it's still working on restoring systems after being hit by ransomware more than a week ago. With an annual revenue of $4.6 billion, the Charlotte, North Carolina-based firm currently services more than 5,000 public and academic libraries.

A new threat campaign has seen cryptocurrency-mining malware distributed across at least 11 countries, disguised as translator apps and music download apps. The app itself provides the advertised functionality, but also hides a sneaky downloader.

The Dominican Republic's Instituto Agrario Dominicano (IAD) has suffered a ransomware attack by the Quantum group. According to the ransom note, at least four physical servers and eight virtual servers with the databases, applications and emails were compromised.

The RansomEXX ransomware gang is claiming responsibility for the cyberattack against Bombardier Recreational Products (BRP), which was disclosed by the company on August 8, 2022.

Greece's largest distributor of natural gas, National Natural Gas System Operator S.A. (or DEFSA), has stated that they've suffered a limited-scope data breach and IT system outage following a cyberattack. Further details were confirmed after their data was leaked by the Ragnar Locker ransomware gang.

The SideWinder APT group was first discovered in 2018, and since earlier this year has been actively targeting military, defense and other industries in South Asia. They used to spread phishing emails with Word files that downloaded additional files to decode, drop and start the malware, which collects and uploads victims’ data to remote servers. They've since infected Android devices with malicious apps in Google Play.