Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack, the news was reported by ZDNet. Last week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. Electronic Warfare Associates provides electronic equipment to the US government, the list of customers […]

Electronic Warfare Associates

The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack, the news was reported by ZDNet.

Last week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers.

Electronic Warfare Associates provides electronic equipment to the US government, the list of customers includes the Department of Defense (DOD), the Department of Homeland Security (DHS), and the Department of Justice (DOJ).

Evidence of the hack is still visible online because Google has cashed the ransom notes and encrypted files.

The encrypted files and ransom note are associated with a Ryuk ransomware infection.

In response to the incident, the company took down the infected web servers, but according to ZDNet other EWA websites have been impacted, including EWA Government Systems Inc., EWA Technologies Inc., Simplicikey, and Homeland Protection Institute.

At the time, Electronic Warfare Associates has yet to disclose the security breach and it is not clear if attackers have exfiltrated data from the company.

A few days ago, security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to the military, government, financial statements, and banking.

The new variant of the Ryuk Stealer malware implements a new file content scanning feature and is able to search for additional keywords in the filenames for data exfiltration.

It is not clear if the malware was developed by the threat actors behind Ryuk Ransomware for data exfiltration.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – EWA, Ryuk)

[adrotate banner=”5″]

[adrotate banner=”13″]