On-demand Webinar – World vs Cyber: Bridging the Gap to Mitigate Threats Learn More +

Ransomware Rewind

Weekly Update: 22 November 2022

Ransomware Rewind is a compilation of ransomware-related stories published over the past week.

Most Active Ransomware Operators

Volume of messages posted by operators during the last week.

Significant Campaigns & Incidents

Documents and discussion of significant ransomware campaigns, incidents, and associated actors.

Montreal-area city hit by ransomware: ReportIT World Canada – Nov 21 2022 15:49
Gateway Rehab issues notice about June ransomware incidentDataBreaches.net – Nov 19 2022 13:08
Two public schools in Michigan hit by a ransomware attackSecurity Affairs – Nov 17 2022 22:25

Tactics & Techniques

Discussion and mentions of significant techniques deployed by threat actors.

Previously unidentified ARCrypter ransomware expands worldwideBleepingComputer.com – Nov 17 2022 20:07
DEV-0569 finds new ways to deliver Royal ransomware, various payloadsMicrosoft Security Blog – Nov 17 2022 17:00
DAGON LOCKER Ransomware Being DistributedASEC Blog AhnLab English – Nov 16 2022 03:54

Researcher Analysis

Analysis, deep-dives and reverse engineering.

Netskope Threat Coverage: Prestige RansomwareNetskope Threat Labs – Nov 18 2022 15:18
Ransomware activity doubles in transportation, shippingSecurityBrief Europe – Nov 17 2022 18:03
AA22-321A: #StopRansomware: Hive RansomwareCISA Alerts – Nov 17 2022 17:00
LockBit Remains Most Prolific Ransomware in Q3Infosecurity Today – Nov 16 2022 09:30

Legal Actions and Discussion

Actions, consequences, and policy discussion by governments and organisations.

Ransomware is a global problem that needs a global solutionMedium Cybersecurity – Nov 21 2022 17:46
DOJ touts work with Kaseya, urges more ransomware victims to contact CISA, FBIThe Record by Recorded Future – Nov 16 2022 21:05

The content in this report was compiled by the use of our award-winning intelligence product Silobreaker Online. Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of any content in this report and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content in the report.