Jonathan Horwitz reports: The College of the Desert has fallen victim to a second successful malware attack against its online network in as many years. Currently, most of the college’s online services are offline, its website is not available and at least some employees are lacking access to their email accounts, COD public information officer Nicholas Robles confirmed…
Category: Malware
AstraLocker ransomware shuts down and releases decryptors
Sergiu Gatlan reports: The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they’re shutting down the operation and plan to switch to cryptojacking. The ransomware’s developer submitted a ZIP archive with AstraLocker decryptors to the VirusTotal malware analysis platform. Read more at BleepingComputer.
Update on Plainedge School District ransomware attack
On June 15, DataBreaches reported that BlackCat threat actors had added Plainedge School District in New York to their dedicated leak site. At the time, BlackCat (aka ALPHV) only offered a few files as proof but warned more data would be leaked if they did not hear from the district. The threat actors subsequently dumped…
UK: Thousands of students have data leaked on dark web by Vice Society
Kevin O’Sullivan and Michael Powell report on attacks by the ransomware team known as Vice Society on U.K. schools. Student data was disclosed on Vice’s dedicated leak site after their victims refused to pay ransom demands. The Daily Mail report includes Vice’s attacks on five schools and a sixth-form college, including Pilton Community College, The…
Dutch Uni Gets Cyber Ransom Money Back… With Interest
AFP reports that because the value of BTC had increased dramatically, a ransomware victim wound up getting back a small fortune when they recovered the bitcoin they had paid. The southern Maastricht University in 2019 had paid 200,000 euros ($208,000) in bitcoins to attackers who had encrypted hundreds of Windows servers and backup systems. But the…
CISA Alert (AA22-181A): MedusaLocker
CISA Alert: (AA22-181A) #StopRansomware: MedusaLocker Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders…