Garmin Hit with WastedLocker Ransomware
Nearly a week after the company announced they had suffered a system outage,
Garmin has finally admitted to falling victim to a ransomware attack, likely from the increasingly
popular WastedLocker variant. As is the norm for WastedLocker, the attack was
very specific in its targeting of the company (even mentioning Garmin by name
in the ransom note) and took many of their services offline. Though Garmin has
confirmed that no customer data was affected, they are still unsure when their
services will return to full functionality.
Israeli Marketing Firm Suffers Data Breach
More than 14 million user accounts held by the Israeli marketing firm Promo
were compromised in a recent breach. Subsequently, at least 1.4 million
decrypted user passwords were found for sale on a Dark Web forum, along with 22
million records containing highly sensitive information. The company has since
contacted affected customers and is pushing a forced password reset.
Netwalker Ransomware Targets U.S. Government Organizations
The FBI has released a security statement concerning Netwalker
ransomware attacks, which have targeted both U.S. and foreign government
agencies in recent months. Netwalker is known for exploiting remote desktop
utilities to compromise major enterprise networks. It also offers ransomware-as-a-service
to other cybercriminals. The best methods for blocking these types of attacks
are setting up two-factor authentication (2FA) and creating offline data backups
to protect data in case of a successful breach.
Lazarus Hacking Group Branches Out to Ransomware
The North Korean state-sponsored hacking group Lazarus
has added ransomware to their latest attacks. Unfortunately for the group, the
ransomware variant they’ve chosen is inefficient at encrypting data, sometimes
taking up to 10 hours to fully encrypt a single system. These attacks are
similar to those targeting Sony Pictures in 2014 and those that affected the
2018 Winter Olympic games, both of which are suspected to have been conducted
by state-backed actors.
Nefilim Ransomware Begins Publishing Dussmann Group's Data
At least 14GB of data belonging to a subsidiary of Dussmann
Group, a major German MSP, is being leaked by the operators of the Nefilim
ransomware variant. The operators have confirmed they were able to obtain
roughly 200GB of data from the subsidiary after discovering a still-unknown method
for compromising the network. Customers affected by the leak have already been