Lawrence Abrams reports: A previously unnamed ransomware has rebranded under the name ‘Trigona,’ launching a new Tor negotiation site where they accept Monero as ransom payments. Trigona has been active for some time, with samples seen at the beginning of the year. However, those samples utilized email for negotiations and were not branded under a…
Category: Malware
Update: One week later, All India Institute of Medical Sciences (AIIMS) services still on manual system
Servers of the All India Institute of Medical Sciences (AIIMS) are still down as AIIMS works to recover from a ransomware attack. According to some sources, the attackers, who have not been named, had reportedly demanded about Rs 200 crore in cryptocurrency, but Delhi Police deny that AIIMS has reported receiving any such demand. Thirty…
Developing: Data purportedly from Kenosha Unified School District shows up on dark web
On October 22, DataBreaches reported that Kenosha Unified School District in Wisconsin had been added to Snatch Team’s leak site and then removed without explanation. The district had previously disclosed an incident in September. Snatch offered no proof pack and the quick removal of the listing left DataBreaches wondering if the district had decided to…
Ca: DDSB recovering from cyber attack that left schools without access to email or emergency contact information
Jordan Fleguel reports: The Durham District School Board (DDSB) says it’s currently recovering from what it calls a ‘cyber-incident’ that has left schools without access to phone or email services as well as emergency contact information. In a letter to parents and guardians on Sunday, the school board said the incident first came to their…
Southampton County, Virginia reports ransomware incident (updated)
Add Southampton County in Virginia to any list you may be keeping of governments hit by ransomware. According to their notification: On September 6, 2022, a single server at Southampton was encrypted by a cyber criminal. Fortunately, Southampton fought off this cyber-attack with no interruption to essential County operations. However, after Southampton recovered from this…
Bits ‘n Pieces (Trozos y Piezas)
MX: LV threat actors claim to have hacked UnitedAuto On November 19, LV BLog added UnitedAuto, a Mexican automotive company, to its leak site, claiming to have more than 2TB of stolen personal information. The threat actors criticized their victim, stating “United Auto does not have any basic protection for their system. The company has…