Nefilim: The Australian logistics firm Toll has been hit with its second cyber-attack in three months, this time by the threat actors behind the Nefilim ransomware. Early this morning, Toll announced that they suffered the attack last week. Toll shut down their corporate networks as soon as they detected the presence of ransomware on their computer systems. According to a company spokesman, the ransomware used in the attack was Nefilim. However, as of this morning, there was no announcement on Nefilim’s site about the attack on Toll. The spokesman from Toll did confirm that at least one corporate server was affected by the attack and that the server housed information on past and present employees, as well as details of commercial agreements with current and former enterprise customers. Toll acknowledged that the investigation so far indicates that attackers stole data from that server before encrypting files, which means the attackers may threaten to release private records about employees or other sensitive information to the public in the future.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in