Valéry Rieß-Marchive reports (machine translation): A new impersonator of the LockBit 3.0 ransomware franchise has just been spotted. Like the one who attacked the André-Mignot hospital in Chesnay-Rocquencourt at the beginning of December, he does not offer a Web interface accessible via Tor to discuss with his victims and, if necessary, negotiate the requested ransom: the…
Category: Malware
Ca: School board confirms hack; attacker sent note through photocopiers
James Hopkin reports: The Huron-Superior Catholic District School Board has confirmed that board officials received a note this morning — delivered through photocopiers at its main office and a number of schools — advising them that the board’s computer and phone systems had been hacked. Spokesperson Jim Fitzpatrick was tight-lipped this afternoon when asked by SooToday if…
A second group of threat actors has now leaked Kenosha USD data
Oh what a tangled web we weave…. Back in October, DataBreaches reported that Snatch Team had listed Kenosha Unified School District in Wisconsin on its dedicated leak site. By the end of the day, however, the listing had been removed without any data having been leaked. Then in November, REvil listed KUSD on their leak…
Cost of HSE cyberattack by Conti rises to €80m, letter shows
Jennifer Bray reports: The cost of the cyberattack on the Health Service Executive has risen to €80 million, according to new information. In a letter to Aontú leader Peadar Tóibín last Friday, HSE chief information officer Fran Thompson said that the costs came to more than €42 million in 2021 and to nearly €39 million…
AirAsia’s parent company told to supply documents; government probes Daixin ransomware attack
John Bunyan reports: The Ministry of Communications and Digital has ordered Capital A, the parent of AirAsia, to submit supporting documents and data for the investigation into the breach of the airline’s networks that exposed the personal information of millions of passengers and staff. Communications and Digital Minister Fahmi Fadzil said the security breach affecting…
HC3: Analyst Note: Royal Ransomware
December 07, 2022 TLP:CLEAR Report: 202212071400 Executive Summary Royal is a human-operated ransomware that was first observed in 2022 and has increased in appearance. It has demanded ransoms up to millions of dollars. Since its appearance, HC3 is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. Due to the historical nature of…