Weekly Ransomware Review (September 4 – September 10)

Here is a brief overview of ransomware attacks from the past week. In the spotlight: Conti, TrickBot, Cisco, Stop Ransomware, Phobos, Rival, Chaos, Ragnar Locker, Knight, Cyclops, Dallas, Sri Lanka.

U.S. and U.K. authorities have imposed sanctions on 11 members of the Conti ransomware gang, who are also implicated in the distribution of the TrickBot botnet.

Cisco has issued an alert regarding a zero-day vulnerability present in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. This vulnerability, identified as CVE-2023-20269, is being exploited by ransomware attackers to gain initial access to corporate networks.

Cybersecurity experts have identified new variants of Stop Ransomware, Phobos, Rival, and Chaos.

The ransomware group Ragnar Locker has claimed responsibility for a cyberattack on the Israeli hospital ‘Mayanei Hayeshua’. The attackers have threatened the hospital administration with the release of 1 TB of data stolen during the breach of the institution’s IT networks, demanding a significant ransom in return.

Industry insiders have revealed that the notorious ransomware strain known as Cyclops has not disappeared but has been rebranded by its creators to “Knight”. Additionally, the Cyclops ransomware group has successfully engineered malware capable of infecting all major platforms: Windows, Linux, macOS, ESXi, and Android.

Authorities in Dallas, USA, have unexpectedly postponed the release of an official report concerning a ransomware attack on the city’s network infrastructure. The document was initially slated for release on September 6th.

Unidentified ransomware attackers have launched an attack using encryption software against the official government mail domain of Sri Lanka. The ramifications of this security breach are currently undisclosed.