Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

External Penetration Testing

Secure Internet-facing IT assets.

Internal Penetration Testing

Secure internal networks and servers.

Web Application Penetration Testing

Secure mission-critical Web Apps & APIs.

Medical Device Penetration Testing

Secure smart medical equipment & data.

Cloud Security Services

Secure cloud-hosted assets & environments.

SCADA Cybersecurity Assessment

Secure SCADA / ICS systems & networks.

Cyber Maturity Assessment

Assess and prioritize your cybersecurity.

Red Team Security Services

Protect against sophisticated cyberattacks.

Consulting & Professional Services

Get advice and support from certified experts.

Compliance Services

Meet the requirements of various standards.

View All Vumetric Services →

SOLUTIONS BY STANDARD

SOLUTIONS BY INDUSTRY

SOLUTIONS BY CHALLENGE

Secure your network infrastructure

Protect your network from security breaches.

Secure your applications

Secure your missions-critical applications (Web, Mobile ,etc.).

Secure your cloud infrastructure

Ensure the security of your cloud environments.

Prevent ransomware attacks

Protect your business from ransomware attacks.

Contact a Cybersecurity Specialist →

Featured Resources

WHITEPAPERS

CASE STUDIES

VIEW ALL CYBERSECURITY RESOURCES →

Blog Articles

PENETRATION TESTING

APPLICATION SECURITY

Cybersecurity News

THE LATEST NEWS

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

2024-04-25

Microsoft releases Exchange hotfixes for security update issues

2024-04-23

Synlab Italia suspends operations following ransomware attack

2024-04-22

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws

2024-04-22

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

2024-04-17

Cisco Duo provider breached, SMS MFA logs compromised

2024-04-16

Microsoft will limit Exchange Online bulk emails to fight spam

2024-04-16

Hacker claims Giant Tiger data breach, leaks 2.8M records online

2024-04-15

Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)

2024-04-12

GSMA releases Mobile Threat Intelligence Framework

2024-04-10

Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access

2024-04-09

92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)

2024-04-08

Home Depot confirms third-party data breach exposed employee info

2024-04-08

Hoya’s optics production and orders disrupted by cyberattack

2024-04-04

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

2024-04-04

New Chrome feature aims to stop hackers from using stolen cookies

2024-04-03

AT&T data leaked: 73 million customers affected

2024-04-02

XZ Utils backdoor update: Which Linux distros are affected and what can you do?

2024-04-01

INC Ransom claims responsibility for attack on NHS Scotland

2024-03-28

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

2024-03-27

CISA urges software devs to weed out SQL injection vulnerabilities

2024-03-26

Exploit released for Fortinet RCE bug used in attacks, patch now

2024-03-21

PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)

2024-03-19

Nissan breach exposed data of 100,000 individuals

2024-03-18

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

2024-03-15

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

2024-03-14

Nissan to let 100,000 Aussies and Kiwis know their data was stolen in cyberattack

2024-03-14

About Vumetric

Learn more about Vumetric and discover why hundreds of organizations trust our experts.

Partnership Program

Unlock new business opportunites by reselling top-of-the-line cybersecurity services.

Certifications

Discover our team's cybersecurity and penetration testing certifications.

PTaaS Platform

Discover the modern way to launch and manage your penetration testing projects.

Methodologies

Discover our cybersecurity testing methodologies and standards.

Careers

Explore new career opportunities and join our team of passionate experts.

Canadian food retail giant Sobeys hit by Black Basta ransomware

Ransomware, Retail
November 14, 2022

Grocery stores and pharmacies belonging to Canadian food retail giant Sobeys have been experiencing IT systems issues since last weekend.

Sobeys is one of two national grocery retailers in Canada, with 134,000 employees servicing a network of 1,500 stores in all ten provinces under multiple retail banners, including Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, and Lawtons Drugs.

In a separate statement published on Sobeys’ official website with “Important information” regarding the retailer’s store services, Sobeys added that all stores remained open and were “Not experiencing significant disruptions.”

Based on ransom notes and negotiation chats BleepingComputer has seen, the attackers deployed Black Basta ransomware payloads to encrypt systems on Sobeys’ network.

Photographs shared by Sobeys employees online also show in-store computers displaying a Black Basta ransom note.

Black Basta ransomware was first spotted in attacks in mid-April 2022, with the operation quickly ramping up its attacks against companies worldwide in the coming months.

Share this article on social media: