Bill Goodwin has an important update on the Maze ransomware group’s attack on a London entity that does clinical pharmacology testing. I had blogged about the attack on this entity after Maze went back on their public pledge to stop all activity against the medical sector. Although Maze had attacked the facility before their pledge,…
Category: Malware
Police investigate ransomware attack at Jamaica National
Jamaica Observer reports: The Jamaica National Group says the Jamaica Constabulary Force’s Major Organised Crime and Anti-Corruption Agency and other security agencies are now investigating a ransomware attack on the organisation which occurred last Saturday, March 14. The JN group said its Information Technology and Cybersecurity teams immediately acted to contain the effects of the…
(UPDATED) Healthcare Workers Targeted By Dangerous New Windows Ransomware Campaign Using Coronavirus As Bait
Update: I just caught up with Lawrence Abram’s excellent reporting on this topic. Abrams’ report gives a somewhat different impression than Forbes’ headline and report. Abrams reports that Netwalker ransomware is using COVID-19 in phishing emails that install the Netwalker ransomware, but from his reporting, it does not appear that Netwalker is specifically targeting the…
Liar, Liar, Pants on Fire? Did Maze Team go back on its word to leave medically related facilities alone?
We also stop all activity versus all kinds of medical organizations until the stabilization of the situation with virus. — Maze Team, March 18, 2020. Three days after issuing a press release claiming that they would stop all activity against all kinds of medical organizations, Maze Team appears to have gone back on its word….
Town of Houlton Police discloses malware attack — again.
On March 17, the Town of Houlton, Maine disclosed that they had experienced a malware attack. According to their disclosure, on October 16, 2019, they discovered that part of their network had been locked up by a virus that prevented access to files. The department was able to quickly restore from backup, and claim that…
Sodinokibi Ransomware Data Leaks Now Sold on Hacker Forums
Lawrence Abrams reports: … Recently, the Sodinokibi Ransomware operators published over 12 GB of stolen data allegedly belonging to a company named Brooks International for not paying the ransom. Read more on BleepingComputer.