Conversation

Notices

1. Embed this notice
   Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 03-Dec-2024 06:40:21 JST Kevin Beaumont

   ENGlobal Corporation, an energy company, have filed an 8K with the SEC for ransomware (missing the word ransomware). https://www.sec.gov/ix?doc=/Archives/edgar/data/933738/000165495424015098/eng_8k.htm

   #threatintel #ransomware

   • Embed this notice
     iam_sysop (iam_sysop@cyberplace.social)'s status on Wednesday, 04-Dec-2024 08:06:25 JST iam_sysop

     in reply to

     @GossiTheDog

     follow-up from El-Reg -- this seems a juicy target --

     https://www.theregister.com/2024/12/03/us_energy_contractor_englobal_ransomware/

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 28-Jan-2025 07:34:28 JST Kevin Beaumont

     in reply to

     ENGlobal Corporation has filed an updated 8K with the SEC to say they have evicted the ransomware actor from their network and restored service, two months later. #threatintel #ransomware

   • Embed this notice
     Dissent Doe :cupofcoffee: (pogowasright@infosec.exchange)'s status on Tuesday, 28-Jan-2025 08:46:01 JST Dissent Doe :cupofcoffee:

     @GossiTheDog Being explicit that an attack is "ransomware" is only really helpful if we all only call an attack "ransomware" if ransomware is actually deployed and encrypts the victim's files. If there's no encryption of files, maybe we should call it a hack with an extortion attempt. Right now, too many folks use "ransomware" to describe incidents in which nothing's encrypted and I think that creates a wrong impression and may cause even more unease.