January 12, 2024 at 05:13PM
Ransomware gangs are targeting mortgage lenders, with recent attacks on loanDepot, Mr. Cooper, and title insurance companies. The Toronto Zoo and Tigo Business were also hit. In a positive turn, a Dutch police operation led to the arrest of a ransomware operator. The week also saw the discovery of new ransomware variants.
Based on the meeting notes provided, the key takeaways are:
1. Mortgage lenders and related companies are increasingly being targeted by ransomware gangs, leading to multiple cyberattacks in recent weeks.
2. Notable attacks include those on mortgage giants like loanDepot and Mr. Cooper, as well as title insurance companies such as First American Financial and Fidelity National Financial. These attacks have led to the exposure of sensitive data for millions of people.
3. The attackers are exploiting the large amounts of customer information held by these companies and conducting double-extortion attacks, making them lucrative targets.
4. Various ransomware gangs, including LockBit, Akira, Black Hunt, and others, have been actively launching attacks and posing a significant threat to organizations.
5. Cybersecurity researchers have identified new variants of ransomware, such as Phobos, STOP, Makops, Abyss, Dharma, and Xorist, with distinct file appending extensions and ransom notes.
6. Some positive developments include the arrest of a ransomware operator and the retrieval of decryption keys, allowing victims of the Tortilla ransomware to recover their files for free.
7. Security researchers and organizations, including @LawrenceAbrams, @malwrhunterteam, and @TrendMicro, played a crucial role in sharing new research and information on ransomware activities.
If you need further information or analysis on any specific aspect, feel free to ask!