The following is a machine translation. Radio Gdańsk reports: Cyber attack on Elbląskie Przedsiębiorstwo Energetyki Cieplnej – the IT network has been infected with malware. The result was the loss of some customer data. Fortunately, the attack did not disrupt key heat supply systems for residents. – The key systems in the company, servicing the district…
Category: Malware
Ransomware LockBit: a hundred victims per month in the first half
Valéry Rieß-Marchive reports: In the first half of the year, more than 420 victims were claimed on the showcase site of the LockBit 2.0 franchise. This figure is lower than the reality. But to what extent? The examination of clues present in the source code of the showcase site sheds new light… on the level of…
When the data leak is not from the victim you named, Wednesday edition
Ever since threat actor groups started naming and leaking victims who do not pay their demands, groups have occasionally misidentified their victims. Today’s example is courtesy of Avos Locker, who added the Canadian Mental Health Association to their leak site in April. Inspection of the data in the leak, however, quickly raised questions as to…
“You really don’t understand the situation…. Google about our team,” Hive tells victim
SuperAlloy Industrial Company Ltd. (SAI) is an international company specializing in engineering and manufacturing lightweight metal products predominantly for the automotive industry. You may not recognize their name but might be driving around on their wheels, as SAI has produced lightweight forged aluminum wheels for McLaren, Ferrari, AMG, BMW, Jaguar, Daimler, and other manufacturers. SAI…
Son of Conti: Ransomware tries its hand at politics
Dina Temple-Raston and Sean Powers report: It has been a busy spring for the Russian-speaking ransomware group Conti. After an unprecedented leak of its internal chat logs earlier in the year that had experts predicting the group’s demise, Conti, or at least some subset of it, came back with a vengeance. In April it attacked Costa Rica, hacking…
Ransomware attack caused ongoing Napa Valley College internet and phone system outage
Edward Booth and Howard Yune report: The Napa Valley College website and network systems were knocked offline as the result of a ransomware attack roughly two weeks ago, a spokesperson for the school has confirmed. Napavalley.edu was still dark as of Saturday afternoon, as NVC continued an investigation that began shortly after the site vanished…