It appears that RansomExx threat actors have hit the Scottish Association for Mental Health (SAMH). On March 18, SAMH posted a notice on its website. The full notice says it was dealing with an “I.T incident, which is affecting our colleagues’ ability to receive and respond to emails across both our national and local service…
Category: Malware
“It took 6 hours to get access to every IT system” of Argentina’s Senate – Vice Society
The web site of Argentina’s senate was hit by a ransomware attack on or about January 12. Unlike other entities that do not disclose quickly, the Senate issued a statement on Twitter about Vice Society’s attack two days later: ?El Senado de la Nación sufrió el 12 de enero a las 4 AM un ataque…
WI: New development in Janesville school district ransomware incident
In October 2021, the School District of Janesville in Wisconsin disclosed that they had experienced a ransomware incident. At the time, they said that no data had been accessed or destroyed and that they had not received any ransom demand. In short order, their claims were challenged on a Russian-language forum where someone calling themself…
KOAM obtains document detailing cost of City of Joplin data breach
Chris Warner reports: In July of last year, the City of Joplin had what they called a “network security incident”. It ultimately shut down city phones, online services, and someone outside managed to take files out of the city’s network. That impacted employees, as some employer-sponsored health plan files were taken, and some residents were…
Newer Conti ransomware source code leaked out of revenge
“ContiLeaks,” generally believed to be a Ukrainian security researcher (although that is not confirmed), is at it again. Lawrence Abrams reports that they have now leaked newer malware source code for Conti. Read more about it BleepingComputer.
Indicators of Compromise Associated with AvosLocker Ransomware
There’s a new joint Cybersecurity Advisory (Product ID: CU-000164-MW) out this week. SUMMARY AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. AvosLocker claims to directly handle…