OmniVision Says Personal Information Stolen in Ransomware Attack

May 21, 2024 at 06:16AM OmniVision Technologies disclosed a data breach caused by a ransomware attack in September 2023. A notification letter to the California Attorney General’s Office revealed that personal information was stolen and later leaked by the Cactus ransomware group. OmniVision is providing free credit monitoring and identity restoration services to the affected … Read more

Schneider Electric Division Responding to Ransomware Attack, Data Breach 

January 30, 2024 at 07:30AM Schneider Electric’s Sustainability Business division is affected by a ransomware attack and data breach, limited to its isolated network infrastructure. The incident impacted Resource Advisor and other systems, with access expected to resume in two days. The Cactus ransomware group is suspected to be behind the attack. This is not … Read more

Energy giant Schneider Electric hit by Cactus ransomware attack

January 29, 2024 at 03:12PM Schneider Electric was hit by a Cactus ransomware attack, compromising its Sustainability Business division and leading to data theft. The attack also disrupted its Resource Advisor cloud platform. The stolen data may include sensitive information about customers’ power utilization and compliance with environmental regulations. Schneider Electric is currently working on … Read more

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

December 4, 2023 at 12:00AM Microsoft alerts of a CACTUS ransomware spread through malvertising, deploying DanaBot for initial access, leading to attacks by the Storm-0216 group. DanaBot’s usage follows law enforcement disrupting QakBot. Recent attacks also exploit Qlik Sense vulnerabilities and a new macOS ransomware called Turtle has emerged. Clear Takeaways from Meeting Notes on … Read more

Cactus ransomware exploiting Qlik Sense flaws to breach networks

November 30, 2023 at 02:06PM Cactus ransomware targets Qlik Sense analytics platform vulnerabilities for network access, exploiting unpatched systems to gain control, download tools, and deploy ransomware. Updates have been released to address critical flaws; users are advised to install designated patches. Arctic Wolf reports Cactus uses advanced techniques for persistence, lateral movement, and data … Read more

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

November 30, 2023 at 09:42AM Arctic Wolf has linked three critical vulnerabilities in Qlik’s analytics products to ransomware attacks, notably Cactus ransomware. The vulnerabilities, reported by Praetorian and patched by Qlik, allow remote code execution and admin access, with over 17,000 internet-exposed instances. The same threat actor seems responsible for multiple intrusions. Meeting Takeaways: 1. … Read more

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

November 30, 2023 at 06:30AM A CACTUS ransomware campaign is exploiting vulnerabilities in Qlik Sense, noted by Arctic Wolf researchers. These exploits allow attackers to gain initial access and establish persistence through various means, including disabling security software. The broader ransomware landscape continues to adapt and prove lucrative despite crackdowns, with groups like Black Basta … Read more