Header image

Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021

Posted on by Dissent

Vitali Kremez, Al Calleo, and Yelisey Boguslavskiy report: This report illustrates some of the new and existing Tactics, Techniques, and Procedures (TTPs) of the Ryuk ransomware variants that Advintel has witnessed throughout their investigations in 2021. Initial Attack Vector: RDP Brute Force / Other Means of Initial Attack Vector Ryuk operators gain initial access to…

Read more

BR: The National Library website falls victim to a ransomware attack and goes offline

Posted on by chum1ng0

Wellington Arruda reports (translation): Last Sunday [April 11], the National Library website was the target of a ransomware attack and needed to be taken down. The agency, linked to the Special Secretariat for Culture, opted to shut down the servers to alleviate the potential problems caused and new invasions. However, last Tuesday [April 13] the site was activated again, and…

Read more

CH: Schaffhausen hospitals suffer major IT failures

Posted on by chum1ng0

Philipp Anz reports (translation): On the night of April 13, the Schaffhausen hospitals were victims of a network infrastructure interruption in the cantonal IT service, mainly affecting the administrative and communication area. Read more on inside-it. On April 15, IT company KSD reported “The network of Schaffhausen hospitals became fully functional as of 2:30 am,…

Read more

“Without Undue Delay,” Saturday edition: D.C.’s Planned Parenthood reports data was breached last fall

Posted on by Dissent

Brittany Renee Mayes reports: Planned Parenthood of Metropolitan Washington, D.C., on Friday revealed it had a breach of patient information last fall. In a notice posted to its website, the organization revealed that it found “unusual” activity on its networks on Sept. 3. At that time, it began securing its systems, started an investigation and…

Read more