Slightly more than one year after it managed to avoid an investigation by the ICO over its data protection practices, the University of Hertfordshire joined the ranks of the many educational institutions crippled by a ransomware attack. The attack reportedly occurred on April 14, and was reported on April 15. As of today, the university…
Category: Malware
Avaddon starts dumping data from Malta’s Nationalist Party
Marco A. De Felice reports: The Avaddon ransomware group has managed to enter the IT structure of the Partit Nazzjonalista (Nationalist Party of Malta). Last night the cybercriminals, after the non-payment of the ransom, decided to publish a first part of the exfiltrated documents on their website. Avaddon publishes a note claiming to be in possession of the…
Codecov discloses 2.5-month-long supply chain attack
Catalin Cimpanu reports: Codecov, a software company that provides code testing and code statistics solutions, disclosed on Thursday a major security breach after a threat actor managed to breach its platform and add a credentials harvester to one of its tools. The impacted product is named Bash Uploader and allows Codecov customers to submit code coverage reports…
FR: The Grésivaudan clinic victim of a cyberattack
Redaction Grenoble reports (translation): The computers of the Grésivaudan clinic, in La Tronche (Isère) have been stopped since Friday, April 17, 2021. “We are on a break, we can not do anything”, we confirm at the reception of the establishment. At issue: a cyberattack that affects at least 12 establishments of the French Student Health Foundation (Fsef), of which the Isère…
Phone House Spain hit by Babuk ransomware, 3 million users affected.
Marco A. De Felice reports: Before the news became public, SuspectFile had tried in vain to contact Phone House Spain already on Friday morning informing them that, in the event of non-payment of the ransom of 6 million dollars (just over 97 bitcoins at the exchange rate of Friday 16 April ed) and that the following day (Saturday 17…
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Vitali Kremez, Al Calleo, and Yelisey Boguslavskiy report: This report illustrates some of the new and existing Tactics, Techniques, and Procedures (TTPs) of the Ryuk ransomware variants that Advintel has witnessed throughout their investigations in 2021. Initial Attack Vector: RDP Brute Force / Other Means of Initial Attack Vector. Ryuk operators gain initial access to…