I haven’t had time nor inclination to investigate all of Maze Team’s claimed victims, but of course, I have kept an eye out for ones involved health data or student data. Thanks to HealthITSecurity, I learned that the threat actors also attacked a chiropractic practice in South Dakota. The practice, called All About Potential Family…
Category: Breach Incidents
More Maze Team victims are revealed
A few developments concerning ransomware attacks by Maze Team: Crossroads Technologies notifies a covered entity about ransomware attack I think I finally have some information on the Crossroads attack claimed by Maze Team on their site. So far, no one — not Crossroads Technologies and not CrossroadsNet have answered my repeated inquiries, despite the fact…
SpiceJet dismisses data breach report of 1.2 million passengers
ANI reports: India’s privately-owned airline SpiceJet has denied the data breach reports of about a million passengers. The airline also said that there was no security lapse in its systems. “There was no data breach in any of SpiceJet’s servers. At SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and…
Maze Team updates its site, dumps more victims’ data
The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them. When I checked their site again today, I noticed that they had announced that they have dumped all their files on the…
Greenville Water target of international cyber-attack, officials say
Anne Newman reports: Greenville Water was the recent target of an international cyber-attack, according to Emerald Clark, with Greenville Water. According to Clark, the attack caused technical difficulties for staff and a temporary inconvenience for customers. Read more on WYFF.
We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw
Graham Cluley writes: About two weeks ago alarm bells rang over a newly-discovered (and unpatched) flaw in Citrix servers. The vulnerability, technically dubbed CVE-2019-19781 but also known as “Shitrix”, was found to be present on Citrix Application Delivery Controller and Citrix Gateway servers (formerly known as Netscaler ADC and Netscaler Gateway respectively) commonly used on corporate networks. Then we…