April 26, 2024

The BlackCat ransomware gang claimed responsibility for a attack that resulted in the theft of data from a Luxembourg power company.

The attack targeted Encevo S.A. electricity and gas pipeline subsidiary Creos Luxembourg S.A. between July 22 and 23 that had resulted in network intruders exfiltrating data.

The link to BlackCat, also known as ALPHV, emerged on when the group threatened to publish 180,000 stolen files totaling 150 GB in size if a ransom was not paid. The stolen data allegedly includes contracts, agreements, passports, bills and emails. As of now, the data has not been published.

Advertisements

The details of how the attack took place have not been disclosed. Encevo said it had filed a complaint with police in Luxembourg and notified relevant government authorities.

Security teams lack the high accuracy needed not only to establish a threat but also to understand the entire attack campaign versus just individual threats.

The ability to collect a full set of telemetry across different sources, link together the various indicators of compromise and build the puzzle automatically is critical to providing the full context needed by security teams to get ideally prevent the attack, be able to respond appropriately and quickly.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

GitLab April 2024 Security Advisory – CVE-2024-2434

April 26, 2024

CISA KEV Update April 2024 – Part II

April 25, 2024

ArcaneDoor Exploits Cisco ASA and FTD

April 25, 2024

Google Fixes Critical Vulnerability in Chrome -CVE-2024-4058

April 24, 2024

Red Ransomware Victimized Targus

April 23, 2024

Oracle Virtual Box Vulnerability PoC Released – CVE-2024-21111

April 22, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading