Ionut Ilascu reports: Hackers commonly exploit vulnerabilities in corporate networks to gain access, but a researcher has turned the table by finding exploits in the most common ransomware and malware being distributed today. Malware from notorious ransomware operations like Conti, the revived REvil, the newcomer Black Basta, the highly active LockBit, or AvosLocker, all came with…
Category: Malware
Lincoln College was already struggling. Then came ransomware.
Emily Bamforth reported this on April 21 on EdScoop. Somehow I missed it, but it’s so important that I am adding it now: As Illinois’ Lincoln College approached its two-week winter hiatus last December, workers walked in one weekend to find printers spewing threatening notes saying the school’s data was locked up and could only…
Lockbit ransomware attack cripples parts of German library service
Graham Cluley reports: One of the largest library services in Germany, EKZ Bibliotheksservice, has been impacted by a ransomware attack that has left book lovers unable to rent and borrow eBooks, audio books, and electronic magazines. In an FAQ on its website, Reutlingen-based EKZ says it is currently trying to repair the damage caused by the…
Security is a pain for American Dental Association: Ransomware infection feared
Jessica Lyons Hardcastle reports: The Black Basta crime gang has claimed it infected the American Dental Association with ransomware. While the professional association confirmed to The Register it was the victim of a “cybersecurity incident” that occurred on or around April 21, it did not disclose the nature of the attack. As of Friday last week, the organization…
REvil ransomware returns: New malware sample confirms gang is back
Lawrence Abrams reports: The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks. In October, the REvil ransomware gang shut down after a law enforcement operation hijacked their Tor servers, followed by arrests of members by Russian law enforcement. […] A…
Conti ransomware group responsible for RIPTA cyberattack
Tolly Taylor reports: The ransom note the Rhode Island Public Transit Authority received on Aug. 5 began with a chilling statement. “All of your files are currently encrypted by Conti strain,” the cyberhackers wrote. The next day, RIPTA hired Coveware Inc., a firm that helps entities recover hacked data, according to new documents obtained by…