Valéry Rieß-Marchive reports some details on the ransomware incident involving André-Mignot hospital. He suggests that someone — but not the LockBit 3.0 franchise itself — used LockBit 3.0 Black to attack the hospital and to issue a $100,000 ransom demand. You can read his reporting and analysis on LeMagIT. From reviewing his material and additional…
Author: Dissent
In: After AIIMS, Chinese hackers ATTACK ICMR website over 6000 times in a day
Zee Media reports: Days after targeting the Delhi AIIMS and Safdarjung Hospital websites, a group of hackers allegedly tried to hack the website of the Indian Council of Medical Research (ICMR). According to reports, the ICMR website was attacked around 6000 times in a day. The sources citing government officials said that hackers apparently from…
Little Rock School Board approves paying ransom
There’s an update to the ransomware incident involving Little Rock schools, and it’s not a happy one. The Northwest Arkansas Democrat-Gazette reports that at a school board meeting yesterday, the board authorized paying $250,000 “plus other fees.” The incident was first detected on November 11. A number of issues concerning transparency and compliance with Arkansas…
Amnesty International Canada hit by cyberattack out of China, investigators say
Murray Brewster reports: The Canadian branch of Amnesty International was the target of a sophisticated cyber-security breach this fall — an attack forensic investigators believe originated in China with the blessing of the government in Beijing. The intrusion was first detected on October 5, the human rights group said Monday. The attack showed signs of being the…
Iran Arrests News Agency Deputy After Reported Cyberattack
AFP reports: Iran has arrested the deputy chief editor of Fars news agency, state media said, more than a week after the agency was reportedly hit by a cyberattack. “The deputy head of Fars news agency, Abbas Darvish Tavanger, has been arrested for falsifying news,” state broadcaster IRIB said late Monday. Read more at Barron’s….
Sneaky hackers reverse defense mitigations when detected
Bill Toulas reports: A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. The campaign was spotted by Crowdstrike, who says the attacks started in June 2022 and are still ongoing, with the security researchers able to identify five distinct…