Earlier this week, DataBreaches.net reported that a Georgia dental group was surprised to get a phone call from threat actors informing them that their files had been exfiltrated by the ransomware threat actors. It seems that when they had detected anomalies, they wiped the server and reinstalled from backup, and perhaps never noticed any “read…
Category: Commentaries and Analyses
A rough week in ransomware….
The following are just a few of the entities hit by ransomware attacks this week: USNR LLC is a manufacturing firm in Woodland, Washington. On their site, they describe themselves as “the world’s largest, most comprehensive supplier of equipment and technologies for the wood processing industry.” And according to a notification they sent, on September…
Attacked by ransomware, Golden Gate Regional Center continues providing services to developmentally disabled clients
On September 29, DataBreaches.net sent an email to Golden Gate Regional Center (GGRC) asking about claims by Conti threat actors that they had encrypted GGRC’s system(s). As proof, the attackers had uploaded more than a dozen files. GGRC, a state- and federally-funded nonprofit organization serving individuals with developmental disabilities in Marin, San Francisco and San…
Persist, Brick, Profit -TrickBot Offers New “TrickBoot” UEFI-Focused Functionality
AdvIntel & Eclypsium write: TrickBot malware now has functionality designed to inspect the UEFI/BIOS firmware of targeted systems. This marks a significant step in the evolution of TrickBot. Firmware level threats carry unique strategic importance for attackers. It is clear that TrickBot will benefit greatly from including a UEFI level bootkit in their kill chain….
Three Estonian ministries had significant data breaches in November
Sten Hankewitz reports: According to the Estonian Information System Authority – also known by its Estonian acronym, RIA – three Estonian ministries reported cybersecurity incidents in November that resulted in significant breaches of personal data. The three ministries were the economy ministry, the foreign ministry and the social affairs ministry. “The affected ministries have been…
Federal agencies warn that hackers are targeting US think tanks
Maggie Miller reports: The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that major hacking groups are targeting U.S. think tanks. The agencies put out an alert noting that advanced persistent threat (APT) hacking groups were mainly targeting think tanks and individuals involved with international affairs or national security policies….