29 Jul 2021

BlackMatter & Haron, Evil Ransomware Newborns or Rebirths

According to researchers, disappeared ransomware groups DarkSide and REvil have simply rebranded as Haron and BlackMatter. The two ransomware groups took down their leak sites and forums, going dark over the past several months. However, researchers claim that Haron and BlackMatter contain many of the hallmarks of the formerly active

Read More
13 Jul 2021

Guess announces breach of employee SSNs and financial data after DarkSide ransomware attack

Fashion brand Guess has notified customers who have been impacted by a ransomware attack that occurred in February. The company has not clarified the number of victims, however, unauthorized access to certain Guess systems occurred in the early days of February, leading to a breach of driver’s license numbers, passport

Read More
28 May 2021

Feds Warn DarkSide May Not Stay Dark

DarkSide, a cybercriminal gang that allegedly disbanded following the Colonial Pipeline ransomware attack, may not stay out of the hacking game for long, according to a new report. Key government cybersecurity and counterintelligence officials stated that while DarkSide may have actually halted its operations, the group could re-emerge under a

Read More
24 May 2021

Ransomware: An update on the nature of the threat

The technology of ransomware has evolved in sophistication and the business models of the criminal groups behind it have as well. The result: The threat from ransomware has reached pandemic proportions. This post provides an executive level overview of the nature of this threat. This post is part of the OODA Cybersecurity Sensemaking series and is designed to be read as an introduction to our accompanying post on how to mitigate the threat of ransomware to your organization.

Read More
19 May 2021

Dark Side Reports Closing Shop: What’s the Future for Ransomware Gangs?

The ransomware attack against Colonial Pipeline revealed how disruptive this malware can be when it impacts civilian critical infrastructure.  The successful shutdown of 5,500 miles of pipeline created concern among gas-strapped populations and a government wondering if this attack was the work of cyber criminals or a foreign adversary looking for retribution.

Read More
14 May 2021

Toshiba unit struck by DarkSide ransomware group

On Friday, Toshiba Tec Corp announced that one of its units was targeted by a ransomware attack likely perpetrated by the DarkSide hacking group. Toshiba is well known for its production of barcode scanners, Point-of-Sale systems, printers, and other electrical equipment. The company stated that the unit targeted was located

Read More