From an urgent notice on their web site: On March 17, 2021, Stratus Technologies, Inc. was the victim of a ransomware event. Upon detecting suspicious activity, we took several systems offline to isolate the issue and began to initiate our business continuity plan. Additionally, we notified federal law enforcement authorities and enlisted third-party subject matter…
Category: Malware
Ca: Nunavut schools confirm school information system vendor suffered ransomware attack
On March 3, this site noted that a security incident affecting Manitoba school districts sounded like a ransomware attack on Edsembli. Yesterday, Nunavut’s Department of Education confirmed it was a ransomware attack on the territory’s school information system that stores grades, attendance and student enrolment. That system is maintained by Edsembli. No data has reportedly…
Br: Hacker attack compromises operation of Celg-GT applications and files
Felipe Cardoso reports (translation): Celg Geração e Transmissão (Celg GT) reported, on the morning of this Friday, the 19th, that it suffered, during the night, a cyber attack that left access to the entire corporate network of applications and files compromised. It has not yet been possible to identify the extent of the damage…
The Ransomware Plague: Is LATAM Surrendering to Digital Extortion?
This research is the third part of the AdvIntel LATAM Series. To see other blogs within this series, please visit: Part 1: Latin America Threat Landscape: The Paradox of Interconnectivity; Part 2: Cyber Exploration: The Geostrategic Quest of APT Groups in LATAM; Part 3: Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in…
REvil ransomware has a new ‘Windows Safe Mode’ encryption mode
Lawrence Abrams reports: The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files. Windows Safe Mode is a special startup mode that allows users to run administrative and diagnostic tasks on the operating system. This…
Acer Data Breach, Sodinokibi ransomware group publishes first stolen data
Marco A. DeFelice reports: The Sodinokibi (REvil) ransomware group publishes on its website, within the Tor networks, the first documents stolen from Acer during a recent cyber attack. Acer, headquartered in Taipei, Taiwan, is one of the world’s leading manufacturers of computers, monitors, HD Ready televisions, virtual reality devices, smartphones and many other electronic products….