Cyber Hero Weekly 7/9/2021 - 7/15/2021

Copy of Learn More (2)

The ThreatLocker team provides the latest stories to keep you and your customers updated on ransomware and other malicious cybersecurity threats. Here's what's new this week:

Guess Confirms Ransomware Attack

Guess, a Los Angeles-based clothing retailer with 1,580 stores globally, has confirmed it was hit with a ransomware attack in February. DarkSide claims to have exfiltrated more than 200GB of data, and posted a number of samples as proof, according to While the ransomware group did not include a specific ransom demand, they advised Guess to use their insurance. 

A cybersecurity forensics firm determined that personal information related to certain individuals may have been accessed. Potentially exposed information includes Social Security numbers, driver's license numbers, passport numbers and financial information. It remains unclear if a DarkSide affiliate sold the stolen data on the dark web, and whether Guess has received the decryption key. As a result of the attack, the retailer is offering one year of prepaid identity theft monitoring to all victims.

Read More

Did REvil "Disappear" from the Internet?

The website run by the REvil group has suddenly become unreachable.  Speculation suggests the group may have been targeted by authorities amid growing tension between the U.S. and Russia over cybercrime.  Officials have declined to comment. Experts say the sudden disappearance of groups is not uncommon. 

Read More

Phishing Continues to Be an Easy Path for Ransomware

According to a survey conducted by Cloudian, 65% of ransomware victims reported phishing at the entry point despite conducting anti-phishing training sessions for employees. This highlights the increasing sophistication of phishing attacks, as criminals mimic emails from trusted associates including high-level executives, making it likely that even a wary individual will fall prey, according to the report.

Even more alarming - the speed at which ransomware groups operate when carrying out a phishing attack has increased. 76% of phishing victims noted attackers took over their systems in just 12 hours.

Read More

Where is ThreatLocker Headed Next?

Time to hit the road. Check out these live and virtual events ThreatLocker will be attending!

  • July 19-30: Channel Strong Tour - Register Here
  • July 21-22: ASCII SMB IT Success Summit: Chicago - Register Here
  • August 4-5: Black Hat USA: Las Vegas: Booth 1247 - Register Here
  • August 2-6: ConnectWise NA Evolve: Denver - Get Involved 
  • August 3-6: CompTIA ChannelCon Virtual - Register Here
  • August 3: Kaseya Connect IT Local: New Jersey 
  • August 4: Kaseya Connect IT Local: NY
  • August 9-13: HIMSS: Las Vegas - Register Here
  • August 15-17: XChange+: San Antonio - Register Here
  • August 16-20: ConnectWise EMEA Evolve: Manchester- Get Involved 
  • August 18-19: ASCII SMB IT Success Summit: Raleigh - Register Here
  • August 19: Kaseya Connect IT Local: Boston
  • August 18-20: CharTec Academy: Bakersfield, CA -  Register Here
  • August 30 - Sept 1: Build IT LIVE: Jersey City - Register Here

Recent Posts