By mid-September, it was clear that school districts were under increased threat of ransomware attacks. In fact, when Clark County School District (CCSD) in Las Vegas and Fairfax County Public Schools (FCPS) in Virginia were added to the Maze cartel’s leak site, it seemed to portend potentially big data dumps. Since that dump, Maze dumped…
Search Results for: ransomware
Tyler Technologies finally paid the ransom to receive the decryption key
Pierluigi Paganini reports: Tyler Technologies has finally decided to pay a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. Tyler Technologies, Inc. is the largest provider of software to the United States public sector. At the end of September, the company disclosed a ransomware attack and its customers reported…
“Front Door” into BazarBackdoor: Stealthy Cybercrime Weapon
Roman Marshanski & Vitali Kremez write: BazarBackdoor is the newer preferred stealthy covert malware leveraged for high-value targets part of the TrickBot group toolkit arsenal. It consists of two components: a loader and a backdoor. [1] Loaders are an essential part of any cybercrime campaign. They start the infection chain by distributing the payload. In…
MI: Walled Lake school district says it’s been hacked
ClickOnDetroit reports: In an email sent to parents late Sunday, Walled Lake Consolidated School District says a system outage has been linked to a cyberattack. The hack will not impact virtual learning. Superintendent Kenneth Gutman said virtual learning will proceed as normal when classes resume Monday morning. Read more on ClickOnDetroit to read the district’s…
Report: U.S. Cyber Command Behind Trickbot Tricks
Brian Krebs reports: A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. Read more…
Ryuk’s Return
From The DFIR Report: The Ryuk group went from an email to domain wide ransomware in 29 hours and asked for over $6 million to unlock our systems. They used tools such as Cobalt Strike, AdFind, WMI, vsftpd, PowerShell, PowerView, and Rubeus to accomplish their objective. Ryuk has been one of the most proficient ransomware…