Lindsey O’Donnell-Welch reports: A series of campaigns, with links to the threat actor behind the SolarWinds supply-chain intrusion, have been targeting cloud service providers with a new malware loader variant called CeeLoader. Researchers with Mandiant in a Monday analysis said they identified two distinct clusters of activity, UNC3004 and UNC2652, which they associate with UNC2452 (also known…
Category: Malware
Maryland health department says there’s no evidence of data lost after cyberattack; website is back online
Christine Condon and Hallie Miller report: The Maryland Department of Health said Monday that there was “no evidence” any of its data had been compromised after a cyberattack forced the agency to take its website offline over the weekend. “There is no evidence at this time that any data have been compromised,” department spokesman Andy…
U.S. Military Has Acted Against Ransomware Groups, General Acknowledges
Julian E. Barnes reports: The U.S. military has taken actions against ransomware groups as part of its surge against organizations launching attacks against American companies, the nation’s top cyberwarrior said on Saturday, the first public acknowledgment of offensive measures against such organizations. […] General Nakasone would not describe the actions taken by his commands, nor…
Cyberattack freezes Maryland health department
Dan Diamond reports: A cyberattack took Maryland’s health department offline this weekend, as officials worked to assess the extent of the intrusion. “The Maryland Security Operations Center is investigating a network security incident involving the Maryland Department of Health,” Andy Owen, a department spokesman, said in a statement to The Washington Post. “Certain systems have…
Utility biz Delta-Montrose Electric Association loses billing capability and two decades of records after cyber attack
Gareth Corfield reports: A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades’ worth of records and knocked out billing systems that won’t be restored until next week at the earliest. The attack was detailed by the Deltca-Montrose Electric Association (DMEA) in a post on…
Ransomware attack hits French-Public School Board, employee and student data stolen
Phillip Blancher reports from Ottawa: An October 18 ransomware attack has left personal data exposed by the local French-Public school board. The Conseil des écoles publiques de l’Est de l’Ontario issued a press release November 30 announcing it had been attacked, and that after resecuring the network it was discovered that some files stored at…