A few developments concerning ransomware attacks by Maze Team: Crossroads Technologies notifies a covered entity about ransomware attack I think I finally have some information on the Crossroads attack claimed by Maze Team on their site. So far, no one — not Crossroads Technologies and not CrossroadsNet have answered my repeated inquiries, despite the fact…
Category: Breach Incidents
SpiceJet dismisses data breach report of 1.2 million passengers
ANI reports: India’s privately-owned airline SpiceJet has denied the data breach reports of about a million passengers. The airline also said that there was no security lapse in its systems. “There was no data breach in any of SpiceJet’s servers. At SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and…
Maze Team updates its site, dumps more victims’ data
The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them. When I checked their site again today, I noticed that they had announced that they have dumped all their files on the…
Greenville Water target of international cyber-attack, officials say
Anne Newman reports: Greenville Water was the recent target of an international cyber-attack, according to Emerald Clark, with Greenville Water. According to Clark, the attack caused technical difficulties for staff and a temporary inconvenience for customers. Read more on WYFF.
We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw
Graham Cluley writes: About two weeks ago alarm bells rang over a newly-discovered (and unpatched) flaw in Citrix servers. The vulnerability, technically dubbed CVE-2019-19781 but also known as “Shitrix”, was found to be present on Citrix Application Delivery Controller and Citrix Gateway servers (formerly known as Netscaler ADC and Netscaler Gateway respectively) commonly used on corporate networks. Then we…
Maze Team continues its campaign of naming, shaming, and dumping victims’ data while other attackers adopt the same model
In May, 2019, Lawrence Abrams of Bleeping Computer reported on threat actors using Maze ransomware, a then-new variant of ChaCha ransomware. As reported by Abrams, Jérôme Segura had found that the ransomware was being dropped by the Fallout exploit kit. In October, researchers also noted that it was being dropped using the Spelevo exploit kit. Since…