The following is all machine translation of a notice from CERT-RO (Romania) SRI, in cooperation with CERT-RO and the Clinical Hospital No.1 CF Witting in Bucharest, recently investigated a cyber attack with the ransomware application PHOBOS, which targeted the entity’s servers in the field of health. Following the encryption of the data, the attackers requested…
Category: Malware
Mobile County Commission notifies employees of data breach; threat actors dump more data
WKRG reports an update to a ransomware attack on Mobile County that was previously reported in June after SuspectFile broke the story of Grief’s attack and claims. As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and launched…
Emma Willard School hit by ransomware attack
Kathleen Moore reports: Emma Willard School has been dealing with a ransomware attack that struck the school last week, school Head Jennifer Rao said in a letter to the school community. Personal financial information for some members of the Emma Willard community was stolen. Employees’ Social Security numbers were also taken, she said in the…
Q2 Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority
Seen on Coveware: If you had told us at the beginning of 2021 that then President elect Biden would be having a nose to nose face off with Putin over ransomware, we would have speculated that some serious escalation must have occurred. In reality, the lackadaisical indifference of one threat actor (DarkSide) set off a…
Za: Transnet reports disruption on its IT network, employees told to shut down
Transnet SOC Ltd is a large South African rail, port and pipeline company. Today, they tweeted that they were experiencing a disruption: Transnet experiencing disruption on its IT network pic.twitter.com/bGwGweySL0 — Transnet SOC Ltd (@follow_transnet) July 22, 2021 Transnet experiencing disruption on its IT network [Johannesburg; 22 July 2021] Transnet Ltd SOC (“Transnet”) is currently…
Estonian “Russian2015” Botnet Operator Pleads Guilty to Computer Fraud and Abuse
The following is a press release from the U.S. Attorney’s Office, District of Alaska: An Estonian national pleaded guilty today in the District of Alaska to two counts of computer fraud and abuse. According to court documents, Pavel Tsurkan, 33, operated a criminal proxy botnet by remotely accessing and compromising more than 1,000 computer devices…