Security Affairs
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Egregor ransomware attack paralyzed for 3 days payment systems at Metro Vancouver’s transportation agency TransLink

The Egregor ransomware operators hit Metro Vancouver’s transportation agency TransLink disrupting services and payment systems. Egregor ransomware operators made the headlines again, this time they hit Metro Vancouver’s transportation agency TransLink causing the disruption of its services and payment systems. The news was also confirmed by Global News which has obtained the ransom letter sent […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

The Egregor ransomware operators hit Metro Vancouver’s transportation agency TransLink disrupting services and payment systems.

Egregor ransomware operators made the headlines again, this time they hit Metro Vancouver’s transportation agency TransLink causing the disruption of its services and payment systems.

The news was also confirmed by Global News which has obtained the ransom letter sent to TransLink after the company announced to have detected “suspicious network activity” this week that has caused several major problems across the transit system.

On December 1st, TransLink’s announced that they were having IT issues that impacted phones, online services. The payments with credit or debit cards were not possible for three days, according to the company, the transit services were unaffected by IT problems.

Upon restoring the payment systems, Metro Vancouver’s transportation agency TransLink issued a statement announcing that a ransomware attack was the root cause of IT issues.

TransLink CEO Kevin Desmond confirmed the ransomware attack in a media release late Thursday.

“We are now in a position to confirm that TransLink was the target of a ransomware attack on some of our IT infrastructure. This attack included communications to TransLink through a printed message,” said Desmond.

Global BC anchor Jordan Armstrong shared a picture of the ransom note that was repeatedly printed by TransLink printers after the attack. The image confirmed that the company was hit by the Egregor operators, a group that intensifies its operations after the Maze ransomware shutdown its activities.

Egregor is known to target printers of the compromised organizations, instituting them to print the ransom note.

The Egregor ransomware operators recently targeted several other major companies worldwide, including Barnes and NobleCencosudCrytekKmart, and Ubisoft.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Egregor ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]