Updated: Mar 25, 2022
In this week's digest we dive into some of the latest ransomware attacks to hit organisations around the globe, including an attack carried out by a new group called Pandora. Keep reading to stay up to date with this week's biggest cyber security news.
Denso, a multibillion supplier to key automotive companies like Toyota, Mercedes-Benz and Ford, confirmed Monday that it was the target of a ransomware attack over the weekend. Denso confirmed the attack after a new ransomware gang Pandora began leaking files allegedly stolen in the attack. The Pandora group is relatively new, first being seen earlier this month. Data belonging to Toyota was leaked as part of the attacks, meaning this is the second time this year Toyota has been impacted by a supply-chain attack.
Video game developer Ubisoft has confirmed that it suffered a 'cyber security incident' that caused disruption to its games, systems, and services. The data extortion group Lapsus$ appears to be behind the attack. As a precautionary measure, Ubisoft initiated a company-wide password reset. There is no evidence indicating any personal information of players was exposed during the incident. The company has confirmed that all Ubisoft games and services are now functioning normally.
A number of websites belonging to the Israeli government have been impacted by a distributed-denial-of-service attack that hit a telecommunications provider. The attack led the Israel National Cyber Directorate to briefly declare a state of emergency, with sources claiming that attack to be the largest ever against Israel.
Researchers have discovered another destructive data-wiping malware targeting organisations in Ukraine, called CaddyWiper. This is the third data-wiping malware found attacking Ukrainian systems in the past few weeks, the others being HermanticWiper and IsaacWiper. CaddyWiper does not appear to share similarities with the other data-wipers except for one tactical overlap with HermeticWiper in that the malware, in one instance, was deployed via the Windows domain controller, indicating that the attackers had taken control of the Active Directory server.
Bridgestone Americas, one of the largest manufacturers of tires in the world, has suffered a ransomware attack which is being claimed by the LockBit ransomware group. The threat actor announced that they will leak all data stolen from the company and launched a countdown timer. It is unclear what data LockBit stole from Bridgestone or how detrimental leaking it would be to the company.