Redaction Grenoble reports (translation): The computers of the Grésivaudan clinic, in La Tronche ( Isère ) have been stopped since Friday, April 17, 2021 . “We are on a break, we can not do anything”, we confirm at the reception of the establishment. At issue: a cyberattack that affects at least 12 establishments of the French Student Health Foundation (Fsef), of which the Isère…
Vermont Health Connect had 10 data breaches last winter
Katie Jickling reports that there were 10 instances where individuals saw other individuals’ information when connecting to Vermont Health Connect. I wouldn’t call that 10 data breaches. It sounds more like one problem that happened to 10 people. In any event, she reports: Andrea De La Bruere, executive director of the Agency of Human Services,…
NY State Comptroller DiNapoli Releases School District Audits
New York State Comptroller Thomas P. DiNapoli announced school district audits this week. Here are the summaries with links to the audit reports: Hudson City School District – Information Technology (Columbia County) District officials did not adequately secure and protect its information technology (IT) systems against unauthorized use, access and loss. The board and district…
Phone House Spain hit by Babuk ransomware, 3 million users affected.
Marco A. DeFelice reports: Before the news became public, SuspectFile had tried in vain to contact Phone House Spain already on Friday morning informing them that, in the event of non-payment of the ransom of 6 million dollars (just over 97 bitcoins at the exchange rate of Friday 16 April ed) and that the following day ( Saturday 17…
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Vitali Kremez, Al Calleo, and Yelisey Boguslavskiy report: This report illustrates some of the new and existing Tactics, Techniques, and Procedures (TTPs) of the Ryuk ransomware variants that Advintel has witnessed throughout their investigations in 2021. Initial Attack Vector: RDP Brute Force / Other Means of Initial Attack Vector Ryuk operators gain initial access to…
BR: The National Library website falls victim to a ransomware attack and goes offline
Wellington Arruda reports (translation): Last Sunday [April 11], the National Library website was the target of a ransomware attack and needed to be taken down. The agency, linked to the Special Secretariat for Culture, opted to shut down the servers to alleviate the potential problems caused and new invasions. However, last Tuesday [April 13] the site was activated again, and…