Felipe Cardoso reports (translation): Celg Geração e Transmissão (Celg GT) – reported, on the morning of this Friday, the 19th, that it suffered, during the night, a cyber attack that left access to the entire corporate network of applications and files compromised. It has not yet been possible to identify the extent of the damage…
Category: Malware
The Ransomware Plague: Is LATAM Surrendering to Digital Extortion?
This Research is the third part of the AdvIntel LATAM Series. To see other blogs within this series please visit: Part 1: Latin America Threat Landscape: The Paradox of Interconnectivity Part 2: Cyber Exploration: The Geostrategic Quest of APT Groups in LATAM Part 3: Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in…
REvil ransomware has a new ‘Windows Safe Mode’ encryption mode
Lawrence Abrams reports: The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files. Windows Safe Mode is a special startup mode that allows users to run administrative and diagnostic tasks on the operating system. This…
Acer Data Breach, Sodinokibi ransomware group publishes first stolen data
Marco A. DeFelice reports: The Sodinokibi (REvil) ransomware group publishes on its website, within the Tor networks, the first documents stolen from Acer during a recent cyber attack. Acer, headquartered in Taipei, Taiwan, is one of the world’s leading manufacturers of computers, monitors, HD Ready televisions, virtual reality devices, smartphones and many other electronic products….
CISA-FBI Joint Advisory on TrickBot Malware
CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on TrickBot malware. A sophisticated group of cyber criminals are using phishing emails claiming to contain proof of traffic violations to lure victims into downloading TrickBot. TrickBot is a highly modular, multi-stage malware that provides its operators a full suite of…
AU: Eastern Health cyber ‘incident’ cancels some surgeries across Melbourne
Asha Barbaschowre Some surgeries have been cancelled at Eastern Health facilities in Victoria, following a “cyber incident” experienced late Tuesday. Eastern Health operates the Angliss, Box Hill, Healesville, and Maroondah hospitals, and has many more facilities under management. In a statement, Eastern Health said it took many of its systems offline in response to the…