Gareth Corfield comments: UK authorities could lawfully copy the FBI and forcibly remove web shells from compromised Microsoft Exchange server deployments – but some members of the British infosec industry are remarkably quiet about whether this would be a good thing. In the middle of last week the American authorities made waves after deleting web shells…
Category: Non-U.S.
SK: State institution in Slovakia target of ransomware attacks
Irena Jenčová reports: The National Security Authority (NBÚ) registered a series of significant ransomware attacks on targets in Slovakia on Friday, that saw hackers request hundreds of thousands of euros for reopening the systems and restoring their full functionality. “At the moment, the National Security can confirm that these cyber-attacks have affected the information technology…
Avaddon starts dumping data from Malta’s Nationalist Party
Marco A. De Felice reports: The Avaddon ransomware group has managed to enter the IT structure of the Partit Nazzjonalista ( Nationalist Party of Malta). Last night the cybercriminals , after the non-payment of the ransom, decided to publish a first part of the exfiltrated documents on their website. Avaddon publishes a note claiming to be in possession of the…
The Incredible Rise of North Korea’s Hacking Army
Ed Caesar reports: Shimomura was a member of the Yamaguchi-gumi, the largest yakuza crime family in Japan. When one of his superiors asked him if he wanted to make a pile of fast money, he naturally said yes. It was May 14, 2016, and Shimomura was living in the city of Nagoya. Thirty-two years old and…
FR: Press statement from Trescal about cyberattack
Trescal describes itself as the global leader in calibration services, and a single-source provider for measurement, repair and asset management. The following is a press release they issued this week: (Translation:) Paris, April 15, 2021. Trescal is currently the target of a cyber attack affecting servers in some European and Asian countries. The security of our…
FR: The Grésivaudan clinic victim of a cyberattack
Redaction Grenoble reports (translation): The computers of the Grésivaudan clinic, in La Tronche ( Isère ) have been stopped since Friday, April 17, 2021 . “We are on a break, we can not do anything”, we confirm at the reception of the establishment. At issue: a cyberattack that affects at least 12 establishments of the French Student Health Foundation (Fsef), of which the Isère…