The ransomware group demanded an $80 million ransom, but CDW only offered $1 million. CDW states that the affected servers are isolated and not customer-facing, and its systems remain fully operational.
The leaked data also included information from Bluenove, a technology and consulting firm, suggesting a broader cyberattack targeting multiple organizations. Neither Decathlon nor Bluenove have issued an official statement regarding the data leak.
SpyNote hides its presence on the Android home screen and Recents screen, making it difficult to detect, and grants itself additional permissions to record audio, phone calls, log keystrokes, and capture screenshots.
The group claims to have stolen 5TB of patients’ and employee’s information, backups, PII documents, and more. The gang also published a sample as proof of the stolen data.
The ALPHV ransomware group has claimed to have attacked QSI Inc., a major ITM and ATM solutions provider that works with NCR Corporation. The cyberattack could potentially expose sensitive data from various sectors.
The phishing attack starts with an HTML file disguised as a voice message, which leads to the download of a file hosted on a disguised AWS URL. The attackers initially impersonate Zoom but later switch to spoofing Outlook and Teams login pages.
The outages have affected various operations, such as new orders, payments, and access to support systems, leading to customer frustration and the posting of signs by employees.
DarkGate is a commodity loader that has been increasingly used in initial entry attacks, offering various malicious capabilities such as keylogging, browser information theft, and privilege escalation.
There were 2116 reported US data breaches and leaks in the first nine months of 2023, making it the worst year on record with a whole quarter left to go, according to the Identity Theft Resource Center (ITRC).
The FBI and the CISA recommend implementing application control mechanisms, limiting remote desktop services, and following best practices such as updating software and using strong passwords to defend against AvosLocker ransomware attacks.