The REvil/Sodinokibi ransomware hackers that struck celebrity law firm Grubman, Shire, Meiselas and Sacks and threatened to release information on clients like Lady Gaga and Madonna as well as President Trump likely exploited an unpatched Citrix vulnerability, and have now turned their sights to a major food company, Sherwood Forest and Harvest Distributors.

“...Sherwood has been aware of and dealing with this attack for over a week, although it had not gone public, according to researchers at DarkOwl, who said the attackers posted a notice online Friday threatening to download eight of the company’s proprietary files as a preview of releases to come. The first link contains around 2,300 files.

“These files contain highly sensitive data including cash-flow analysis, sub-distributor info, detailed insurance information, proprietary vendor information – including that of Kroger, Albertsons, Sprouts – scanned drivers license images for drivers in their distribution networks, etc.,” the researchers said in a blog post.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.