Security Affairs
AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

This week, the Japanese pharmaceutical giant Eisai has taken its systems offline in response to a ransomware attack. Eisai is a Japanese pharmaceutical company with about 10,000 employees and more than $5 billion in revenue. The company this week was forced to take certain systems offline in response to a cyber attack In response to the ransomware […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

This week, the Japanese pharmaceutical giant Eisai has taken its systems offline in response to a ransomware attack.

Eisai is a Japanese pharmaceutical company with about 10,000 employees and more than $5 billion in revenue. The company this week was forced to take certain systems offline in response to a cyber attack

In response to the ransomware attack, the company immediately established an internal task force and launched an investigation into the security incident. Eisai announced it is working to recover the impacted systems and determine the scope of the security breach. The company also notified law enforcement.

“A ransomware incident that encrypted some of Eisai Group’s servers was detected late night on Saturday, June 3, Japan time. We immediately implemented our incident response plan and launched an investigation with the aid of our cybersecurity partners.” reads a notification of ransomware incident published on the company’s website. “A company-wide task force was convened to rapidly work on response procedures.”

The attack was discovered on June 3, 2023, after threat actors encrypted multiple servers in Japan and abroad. The attack also impacted logistics servers, while the company’s corporate websites and email systems remain operational.

The company is investigating the possibility of a data breach, however, the notification of the incident doesn’t provide details about the attack such as the ransomware family that infected Eisai systems.

At the time of this writing, no ransomware group has claimed responsibility for the ransomware attack.

“Any potential impact of this incident on the consolidated earnings forecast of this fiscal year is currently under careful examination,” concludes the company’s notification.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)