SpearTip | March 4th, 2022

SpearTip discovered a new Conti ransomware attack method that uses Log4j vulnerabilities to infiltrate networks. The SpearTip team neutralized the attack before it was able to gain a foothold in the environment.

Toyota Motor Corporation was forced to stop production at all Japan-based plants following a ransomware attack on a key supplier. 14 factories have since been able to resume vehicle manufacturing.

A Canadian healthcare organization was hit simultaneously by two competing Russian ransomware operations. Karma ransomware exfiltrated the compromised data while the Conti group encrypted sensitive data.

NVIDIA confirms that approximately 1TB of data, including intellectual property and employee information, was stolen by the Lapsus$ ransomware group. Among the demands, threat actors are pressuring NVIDIA to open source its GPU drivers to enable faster crypto mining and gaming.

Researchers at Microsoft detected Cuba ransomware exploiting Exchange vulnerabilities to launch malicious attacks against Ukrainian infrastructure. The Federal Bureau of Investigation (FBI) recently published a notice of the ransomware group’s targeting of critical infrastructure via RDP vulnerabilities and phishing campaigns.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.