Skip to content

The New Silobreaker Ransomware Report – An analysis of disclosure and messaging from open sources Learn More +

  • How it works
  • Solutions
        • Cyber Threat Intelligence
          • APT Monitoring
          • Asset Monitoring
          • Cyber Threat Landscape Intelligence
          • Data Breach Intelligence
          • Fraud Intelligence
          • Phishing Intelligence
          • Ransomware Intelligence
          • Supply Chain Threat Intelligence
          • Vulnerability Intelligence
        • Strategic and Political Intelligence
          • Competitor Benchmarking Intelligence
          • Conflict and Geopolitical Intelligence
          • Corporate Risk Intelligence
        • Physical Risk Intelligence
          • Areas of Operation Intelligence
          • Events and Activism Intelligence
        • Brand Threat Protection
        • Industries
          • Critical Infrastructure
          • Financial Services
          • Government and Defence
          • Healthcare and Pharma
          • Service Providers
          • Retail
          • Technology and Telecoms
  • Alerts
        • Silobreaker Demo

          See a demo of Silobreaker in action

          Request a demo +

        • Free Intelligence Email Alerts
          • COVID-19 Threat Alert​
          • Daily Cyber Alert
          • Weekly Cyber Digest
          • Financial Services Threat Alert
          • Ransomware Rewind
          • Russia-Ukraine Insights Alert​
          • US Politics Media Watch​
  • Resources
        • Silobreaker ROI

          Answer more intelligence use cases with a single tool

          Read our ROI Report +

        • Data SheetsDownload our product information
        • EventsMeet our team of experts
        • Customer StoriesLearn how customers reduce risk
        • ReportsIn-depth analysis and insights
        • WebinarsOnline events you don’t want to miss
  • Partners
  • Company
        • Customer Support

          Get product support from our experts

          Contact support +
        • AboutLearn about our people and awards
        • CareersIt’s a great time to join Silobreaker
        • PressAll the latest buzz on the company
        • Contact usGet in touch with sales and support
  • Free Trial
  • Login
  • Request demo
Menu
  • Request demo

Ransomware Rewind

Home – Alerts – Ransomware Rewind – 16 May 2023

Weekly Update: 16 May 2023

Ransomware Rewind is a compilation of ransomware-related stories published over the past week.

Most Active Ransomware Operators

Volume of messages posted by operators during the last week.

Significant Campaigns & Incidents

Documents and discussion of significant ransomware campaigns, incidents, and associated actors.

BlackCat Ransomware Claims Academy Mortgage Cyber AttackThe Cyber Express – May 15 2023 05:17
Ransomware attack on PharMerica affected 5.8 million patientsDataBreaches.net – May 13 2023 17:41
Staten Island Hospital operating in network downtime amid ransomware attackSC Magazine US – May 12 2023 18:41
A harbinger of bad things to come?DataBreaches.net – May 11 2023 22:41
Multinational tech firm ABB hit by Black Basta ransomware attackBleepingComputer.com – May 11 2023 21:05
Methodist Family Health discloses breach potentially involving sensitive info on childrenDataBreaches.net – May 11 2023 19:41
NC: Gaston College still investigating February cyberattack; personal information stolen still being determinedDataBreaches.net – May 11 2023 13:11
Ransomware attack gets personal for Dragos chiefSC Magazine US – May 11 2023 12:27
Capita Says Ransomware Attack Will Cost It Up to $25 Million SecurityWeek – May 10 2023 12:00
BianLian #ransomware group added Deer Lakes School District () to their victim list. They claims to have access to 180 GB of organizations data.

#USA
#BianLian
#darkweb #databreach

FalconFeedsio Twitter – May 10 2023 11:18
National Gallery of Canada hit by ransomwareitworldca Twitter – May 10 2023 01:45
Play Ransomware Gang Behind KLC Network Services Cyber AttackThe Cyber Express – May 09 2023 12:46
1M records stolen from electronic health record software provider NextGenSiliconANGLE – May 09 2023 00:49

Tactics & Techniques

Discussion and mentions of significant techniques deployed by threat actors.

🎯 Since 2020, CrowdStrike has increasingly observed big game hunting (BGH) threat actors deploying Linux versions of ransomware tools specifically designed to affect VMWare’s ESXi vSphere hypervisor.

Learn more. ⬇️

CrowdStrike Twitter – May 15 2023 10:08
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocolSecurity Affairs – May 13 2023 07:32
BlackSuit Ransomware Strikes Windows and Linux UsersCyble Blog – May 12 2023 12:41
CISA, FBI: Ransomware Gang Exploited PaperCut Flaw Against Education FacilitiesSecurity Week – May 12 2023 10:07
Iranian Threat Groups Abuse PaperCut Flaw: Warns MicrosoftCyware – May 11 2023 10:52
Analysis of CLR SqlShell Used to Attack MS-SQL ServersASEC Blog AhnLab English – May 11 2023 00:00
Cactus Ransomware Infiltrates Networks by Exploiting VPN FlawsHeimdal Security Blog – May 10 2023 14:45
Make them pay: Hackers device new tactics to ensure ransomware paymentCSO Magazine – May 10 2023 07:52

Researcher Analysis

Analysis, deep-dives and reverse engineering.

Qilin’s Dark Web Ransomware Targets Critical SectorsInfosecurity Today – May 15 2023 17:08
Cybercriminals who targeted Ukraine are actually Russian government hackers, researchers sayTechCrunch – May 15 2023 15:49
Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source codeTalos Blog – May 15 2023 12:00
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in KoreaASEC Blog AhnLab English – May 15 2023 00:00
Ransomware Roundup – MaoriFortinet – May 12 2023 17:28
Technical Analysis of CryptNet RansomwareSecurity Boulevard – May 12 2023 15:30
Dissecting Rancoz RansomwareCyble Blog – May 11 2023 11:48
GRIT Ransomware Report: April 2023Security Bloggers Network – May 11 2023 10:00
Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi LockersSentinelLabs – May 11 2023 09:55
New ransomware trends in 2023Kaspersky Lab – May 11 2023 08:00
The State of Ransomware 2023Sophos News – May 10 2023 10:00
Threat Assessment: Royal RansomwareUnit42 Palo Alto – May 09 2023 13:00

Legal Actions and Discussion

Actions, consequences, and policy discussion by governments and organisations.

To keep fighting ransomware, the United States needs more informationWashington Post – May 15 2023 21:03
Insured companies more likely to be ransomware victims, sometimes more than onceCSO Magazine – May 15 2023 09:43
A New Twist in the Ransomware Debate: Is it Negligent to Fail to Pay Ransom?JD Supra – May 15 2023 00:00
Did Oakland have right cyber insurance before the ransomware hack? Here’s what expert saysABC 7 News TV – May 13 2023 03:01
VPN vulnerability led to ransomware attack on Law Society: PDPCChannel NewsAsia – May 12 2023 08:58
Think tank to govt: Push Quad on clear ransomware policyInnovationsAus.com – May 11 2023 14:21
Further expansion advanced by Counter Ransomware InitiativeSC Magazine US – May 10 2023 16:46
Data ties healthcare cyberattacks to greater disruptions at nearby hospitalsSC Magazine US – May 09 2023 15:54

The content in this report was compiled by the use of our award-winning intelligence product Silobreaker Online. Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of any content in this report and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content in the report.

Get started today

Ready to try it for yourself? Request a demo of Silobreaker today.

Request demo
Silobreaker
Linkedin-in Twitter Facebook-f

Product

  • How it Works
  • Industries
  • How it Works
  • Industries

Log in

Resources

  • Alerts
  • Data Sheets
  • Webinars
  • Reports
  • Glossary
  • Alerts
  • Data Sheets
  • Webinars
  • Reports
  • Glossary

Partners

  • Integration Partners
  • Channel Partners
  • Integration Partners
  • Channel Partners

Company

  • About Silobreaker
  • News
  • Careers
  • Services
  • Legal
  • Privacy Policy
  • About Silobreaker
  • News
  • Careers
  • Services
  • Legal
  • Privacy Policy

Contact

  • Sales
  • Support
  • Offices
  • Sales
  • Support
  • Offices
Copyright © 2023 by Silobreaker Limited. All rights reserved.
Manage consent
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
__hssrcsessionThis cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
cookielawinfo-checkbox-advertisement1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent1 yearRecords the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
elementorneverThis cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
__cf_bm30 minutesThis cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc30 minutesHubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
bcookie1 yearLinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie1 yearLinkedIn sets this cookie to store performed actions on the website.
langsessionLinkedIn sets this cookie to remember a user's language setting.
lidc1 dayLinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory1 monthLinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
CookieDurationDescription
_uetsid1 dayBing Ads sets this cookie to engage with a user that has previously visited the website.
_uetvid1 year 24 daysBing Ads sets this cookie to engage with a user that has previously visited the website.
SRM_B1 year 24 daysUsed by Microsoft Advertising as a unique ID for visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
__hstc5 months 27 daysThis is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga2 yearsThe _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_1737047_91 minuteSet by Google to distinguish users.
_gcl_au3 monthsProvided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid1 dayInstalled by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
hubspotutk5 months 27 daysHubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
CookieDurationDescription
ANONCHK10 minutesThe ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
MUID1 year 24 daysBing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie15 minutesThe test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
_clck1 yearNo description
_clsk1 dayNo description
AnalyticsSyncHistory1 monthNo description
CLID1 yearNo description
li_gc5 months 27 daysNo description
SMsessionNo description available.
SAVE & ACCEPT
Powered by CookieYes Logo