U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

BlackCat ransomware gang claims to have hacked US defense contractor NJVC

Another US defense contractor suffered a data breach, the BlackCat ransomware gang claims to have hacked NJVC. The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC, which supports the federal government and the United States Department of Defense. The company supports intelligence, defense, and geospatial organizations. The company has more than 1,200 employees in locations worldwide.  BlackCat added NJVC to […]

BlackCat ransomware NJVC

Another US defense contractor suffered a data breach, the BlackCat ransomware gang claims to have hacked NJVC.

The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC, which supports the federal government and the United States Department of Defense. The company supports intelligence, defense, and geospatial organizations. The company has more than 1,200 employees in locations worldwide. 


BlackCat added NJVC to the list of victims on its Tor leak site and is threatening to release the allegedly stolen data if the company will not pay the ransom.  

“We strongly recommend that you contact us to discuss your situation. Otherwise, the confidential data in our possession will be released in stages every 12 hours. There is a lot of material,” reads the ALPHV’s statement.

BlackCat ransomware NJVC

At the time of this writing, the ALPHV’s Tor leak site is not reachable and it is not clear if there is some link with the NJVC hack. Experts reported that the site was intermittently online, and someone noticed that the name of NJVC was removed from the site.

“Interestingly enough, BlackCat’s leak site on the dark web was accessible on 30 September, but NJVC was no longer posted among the gang’s victims. The latest current victim on the leak site was posted on 27 September, a day before the DoD contractor was initially posted.” reported CyberNews.

BlackCat has been operating since at least November 2021 and launched major attacks in January 2022 to disrupt OilTanking GmbH, a German fuel company, and in February 2022 against the aviation company, Swissport. The group is targeting high-profile businesses in critical industries including energy, financial institutions, legal services, and technology.

Blackcat ransomware is one of the fastest-growing Ransomware-as-a-Service (RaaS) underground groups practicing so called “quadruple extortion” by pressing victims to pay – leveraging encryption, data theft, denial of service (DoS) and harassment.

The BlackCat is also known as “ALPHV”, or “AlphaVM” and “AphaV”, a ransomware family created in the Rust programming language.

Recently another defense contractor disclosed a ransomware attack, threat actors breached Elbit Systems of America, a subsidiary of defense giant Elbit Systems.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, NJVC)

[adrotate banner=”5″]

[adrotate banner=”13″]