Samuel Lisec reports: Hive Ransomware Group, an FBI-identified criminal organization, has appeared to claim credit for ongoing “disruptions” to Knox College’s computer systems. In an email sent to a number of Knox students on Wednesday, a group claiming to be Hive says it has encrypted “critical infrastructure and data,” compromised the college’s backup servers and mined sensitive…
Category: Malware
Bits ‘n Pieces (Trozos y Piezas)
MX: Jalisco Congress Attacked by Play
The Congress of Jalisco announced that it has been affected by a ransomware attack on December 6 by a group called “Play.” The attack encrypted 14 servers and some employees have received extortion demands seeking payment for a decryption key. At a press conference, the President of the Board…
New Ransom Payment Schemes Target Executives, Telemedicine
Brian Krebs has an interesting write-up about some of the goings-on involving ransomware groups targeting the healthcare sector. Krebs cites Alex Holden of Hold Security, a Milwaukee-based cybersecurity firm. Holden’s team reportedly gained visibility into discussions among members of two different ransom groups: CLOP (a.k.a. “Cl0p” a.k.a. “TA505”), and a newer ransom group known as Venus. Readers…
Cybersecurity firm ‘sniffed out’ hacked Tirupati hospital data on dark web. Now, it’s a ‘victim’ too
Regina Mihindukulasuriya reports on some eyebrow-raising claims. Last week, Bengaluru-based cybersecurity firm CloudSEK claimed it had found patient data from Sree Saran Medical Centre (SSMC) in Tirupati being sold on the dark web. This week, the company has itself become the victim of a cyber attack. Over 6-7 December, CloudSEK updated its blog about the…
Fr: Victim of a cyberattack, Trois Cantons ambulances in Peyrehorade alerts its patients
(Machine translation): The Trois Cantons ambulances in Peyrehorade have lost all their files and appointments for the next few weeks. “As if it had crashed”. Tuesday, December 6, around 5:30 p.m., the ambulances of the Three Cantons in Peyrehorade, in the south of the Landes, were the victims of a cyberattack with a ransom demand, indicates…
Google: N. Korean hackers exploited Seoul Halloween tragedy to spread malware
Reuters reports: North Korean government-backed hackers referenced the deadly Halloween crush in Seoul to distribute malware to users in South Korea, Google’s Threat Analysis group said in a report. The malware was embedded in Microsoft Office documents which purported to be a government report on the tragedy that killed more than 150 people after tens…