Over at SuspectFile, Marco A. De Felice writes: We are in the early days of last September when the American division of the Chinese multinational Hangzhou Great Star Industrial Co., Ltd (Great Star), in order to avoid the publication of administrative and company secrets documents, decided to negotiate with the Akira ransomware group and pay…
Category: Malware
Russian National Pleads Guilty to Trickbot Malware Conspiracy
In October 2021, Russian national Vladimir Dunaev, was extradited to the U.S. from Korea. On November 30, he pleaded guilty. From the Department of Justice press release: A Russian national pleaded guilty today to his role in developing and deploying the malicious software known as Trickbot, which was used to launch cyber-attacks against American hospitals…
60 credit unions facing outages due to ransomware attack on popular tech provider
Jonathan Greig reports: About 60 credit unions are dealing with outages due to a ransomware attack on a widely-used technology provider. National Credit Union Administration (NCUA) spokesperson Joseph Adamoli said the ransomware attack targeted the cloud services provider Ongoing Operations, a company owned by credit union technology firm Trellance. Read more at The Record.
If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
If you’re in Rock County, Wisconsin, it seems your Information Technology Director and Corporation Counsel do not want you to know certain things about the September ransomware attack — even though people in the rest of the country may already know what they have decided not to tell you. They didn’t even tell your own…
PA: Great Valley School District Falls Victim to Ransomware Attack
As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a filetree showing a lot of Skyward, Canvas, PowerSchool, and other internal files, as well as 20+ screencaps of student info and employee info files to support their claim. They are demanding $600k…
Proliance Surgeons notifying 437,392 patients after ransomware attack earlier this year
On November 17, Proliance Surgeons notified HHS that 437,392 patients were affected by a breach. An undated notice on their website explains that it was a ransomware attack in which files and systems were encrypted and some data was exfiltrated. “After a thorough forensic investigation, we discovered on May 24, 2023, that additional files may…