Catalin Cimpanu reports: A disgruntled member of the Conti ransomware program has leaked today the manuals and technical guides used by the Conti gang to train affiliate members on how to access, move laterally, and escalate access inside a hacked company and then exfiltrate its data before encrypting files. Leaked on an underground cybercrime forum…
Waikato DHB wins injunction to stop Radio NZ using hacked data
Stuff reports: Waikato District Health Board has succeeded in court action to stop Radio New Zealand using data taken in a cyber-attack. In a decision released on Wednesday, the health board has won an interim injunction through the High Court restraining Radio NZ from accessing stolen data without consent and to permanently delete that data…
U.S. medical entities fall prey to Pysa threat actors, but many haven’t disclosed it – at least, not yet.
A DataBreaches.net report by Dissent and Chum1ng0. Since 2018, threat actors known as “Pysa” (for “Protect Your System Amigo”) have used mespinoza ransomware to lock up victims’ files after exfiltrating a copy of them. In early 2020, alerts about these “big-game hunters” were published by both the FBI and CNIL. Since then,…
Decryptor released for Prometheus ransomware victims
Catalin Cimpanu reports: Taiwanese security firm CyCraft has released a free application that can help victims of the Prometheus ransomware recover and decrypt some of their files. Available on GitHub, the decryptor effectively works by brute-forcing the encryption key used to lock the victim’s data. Read more on The Record.
Fr: Former police officer convicted of selling confidential information on the dark web
Marco A. De Felice reports: Christophe Boutry, a former DGSI (Direction Générale de la Sécurité Intérieure) agent, was sentenced to 7 years in prison (with a two-year suspension) for selling confidential information from law enforcement databases on the darkweb. Documents stolen from police archives include fake marriage permits and certificates and sensitive information on the Marseille…
DOJ says SolarWinds hack impacted 27 state attorneys’ offices
Catalin Cimpanu reports: The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US Department of Justice, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices, the DOJ said in a statement on Friday afternoon. Read more on…