AdvIntel & Eclypsium write: TrickBot malware now has functionality designed to inspect the UEFI/BIOS firmware of targeted systems. This marks a significant step in the evolution of TrickBot. Firmware level threats carry unique strategic importance for attackers. It is clear that TrickBot will benefit greatly from including a UEFI level bootkit in their kill chain….
Category: Malware
Ransomware attack on Hampton Roads Sanitation District knocks out billing system
Robyn Sidersky reports: A ransomware attack on the Hampton Roads Sanitation District’s computer network is affecting all of its customers because the billing system is down. The attack, which occurred on Nov. 17, resulted in the entire network being taken offline, which included suspending the billing system, said HRSD spokeswoman Leila Rice. Read more on…
CV: Cyber Attack: Government does not confirm ransom request
Islands Express reports (translation follows): The Finance Minister said today he had no information on any type of bailout requested following the cyber attack on the State’s Private Technology Network (RTPE), which occurred on Thursday, 26. “I do not have this information, but what I say is that the important thing is that until now…
K12 online schooling giant pays Ryuk ransomware to stop data leak
Lawrence Abrams reports: Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November. K12 creates tailored online learning curriculums for students to learn from home while in kindergarten through 12th grade. Over 1 million students have utilized K12 to learn from home rather…
Intersport victim of cyberattack for a second time in 2020?
First it was a Magecart attack on their web sites in Slovenia, Croatia, Serbia, Bosnia and Hercegovina and Montenegro, as reported in June. Now it appears to be a ransomware attack by Conti threat actors, who dumped more than two dozen files as alleged proof of access and exfiltration from the international sporting goods retailer….
Statement by Gardiner Public Schools about Ransomware Attack
On November 26, DataBreaches.net reported that two more K-12 districts appeared to have been attacked by ransomware threat actors. One was Spring ISD in Houston, Texas, but DataBreaches.net did not name the other district at the time as they had not confirmed the breach. DataBreaches.net has now received a statement from the Gardiner Public Schools…