New ransomware group employs advanced virtualization attack tactics to maximize damage and hinder organizational recovery efforts. A newly emerged ransomware group known as BERT has introduced a particularly disruptive capability that sets it apart from traditional ransomware operations: the ability to forcibly terminate ESXi virtual machines before encryption, significantly complicating recovery efforts for targeted organizations....Read More
Ingram Micro, a large technology distributor, said the company has been hit with a ransomware attack that took down its systems. The press release confirms reports from BleepingComputer as well as comments on Reddit about the outage. Ingram Micro systems have been down since Thursday. The company said Tuesday that it has been restoring systems,...Read More
Ingram Micro has made significant progress in restoring its transactional and ordering functions online with additional safeguards on its network, following a global ransomware incident. On 5 July, Ingram Micro identified ransomware on its internal systems and took steps to secure the relevant environment, including proactively taking certain systems offline and implementing mitigation measures. Subscription...Read More
Breach Spells Chaos for Thousands of Customers It’s expected that the knock-on effects of this breach could be significant. Among them, Ingram Micro’s flagship AI platform, known as Xvantage, suffered extensive disruptions related to order tracking, billing automation, and inventory management systems. At the same time, customer-facing applications, including tools for ecommerce and technical support,...Read More
A recent ransomware attack in Gloucester County, Va., has compromised residents’ personal information and officials are monitoring its aftermath amid a state and federal investigation. The county’s Information Technology Department (ITD) detected the incident “on or about April 22,” according to an online update July 2, but staffers quickly secured and restored systems. The Maine...Read More
A newly identified ransomware group, BERT, tracked by Trend Micro as Water Pombero, has emerged as a significant threat to organizations across Asia, Europe, and the US. First observed in April, BERT targets critical sectors such as healthcare, technology, and event services, employing a dual-platform approach to infect both Windows and Linux systems. Threat Targeting...Read More
M&S confirmed today that the retail outlet’s network was initially breached in a “sophisticated impersonation attack” that ultimately led to a DragonForce ransomware attack. M&S chairman Archie Norman revealed this in a hearing with the UK Parliament’s Business and Trade Sub-Committee on Economic Security regarding the recent attacks on the retail sector in the country. While...Read More
A new report out today from endpoint security firm Morphisec Inc. reveals the resurgence of Pay2Key, a ransomware operation with ties to Iran’s Fox Kitten advanced persistent threat group, now rebranded as Pay2Key.I2P. Originally exposed in 2020, the updated threat actor is leveraging a ransomware-as-a-service model and incorporating techniques and components associated with the Mimic ransomware family, including a...Read More
Marks & Spencer chairman Archie Norman has described the recent ransomware attack on the retailer’s systems as something akin to an “out-of-body experience” as he called for cyber attack victims to be brave, bite the bullet, and be open and transparent about their experiences. Speaking before the Business and Trade Sub-Committee on Economic Security,...Read More
‘We’re not going to abandon Ingram. If we had the mindset that any partner who experiences a breach is off the table, we’d have zero partners. All the major companies, this is part of the game as you grow,’ says Antwine Jackson, president and founder of Enitech. Ingram Micro is making “important progress” on restoring...Read More
