Joint Cybersecurity Advisory Product ID: AA22-335A December 1, 2022 TLP:CLEAR The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Cuba ransomware IOCs and TTPs associated with Cuba ransomware actors identified through FBI investigations, third-party reporting, and open-source reporting. This advisory updates the…
Author: Dissent
Brazilian debt collection firm pays Hive $500k ransom while SuspectFile spectates it all
Marco A. De Felice (aka @amvinfe) had a bird’s eye view of negotiations between a Brazilian credit recovery and financial solutions firm and the Hive ransomware team. He also got to track the victim’s payment over wallets. Reading his partial transcript from the negotiations, the victim quickly went from an offer of $50k — an…
Albanian IT Staff Charged With Negligence Over Cyberattack
AP reports: Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by alleged Iranian hackers. Prosecutors said the five IT officials of the public administration department had failed to check the security of the system and update it with the most recent…
Vanuatu officials turn to phone books and typewriters, one month after cyber attack
At the end of October, the tiny South Pacific archipelago of Vanuatu was hit by a cyberattack with devastating consequences. They officially acknowledged the incident as an attack on November 5. Now, almost a month later, they are still struggling to recover. Christopher Cottrell reports: One month after a cyber-attack brought down government servers and…
Hackers are locking out Mars Stealer operators from their own servers
Zack Whittaker reports: A security research and hacking startup says it has found a coding flaw that allows it to lock out operators of the Mars Stealer malware from their own servers and release their victims. Mars Stealer is data-stealing malware as a service, allowing cybercriminals to rent access to the infrastructure to launch their…
NJ: Internet issues caused by ‘unauthorized third party’ close South Jersey school
Trish Hartman reports: Classes are cancelled for the third day in a row in a Gloucester County school district due to technical problems caused by an “unauthorized third party,” according to notifications from the district. The Monroe Township School District cancelled classes on Tuesday, Wednesday and Thursday. Read more at 6ABC.