Brian Krebs reports: Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks…
Vanuatu island hit by ransom attack, cripples government
WION reports: The small archipelago of the South Pacific Ocean, Vanuatu, was attacked by ransomware on 4 November, Friday and stranded the country for over a week. According to civil servants in the government, they noticed that their official emails started bouncing back from government addresses, this was the first sign when they found that…
Alert (AA22-321A) #StopRansomware: Hive Ransomware
CISA has issued an alert about the Hive ransomware group. Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of…
TX: Tuloso-Midway Independent School District discloses March 2022 data security incident
Another Texas school district has disclosed that it was the victim of a cyberattack. Tuloso Midway Independent School District in Nueces County, Texas, has slightly under 3,900 students. A notice posted on their website yesterday explained that on March 16, 2022, one employee’s email account was accessed without authorization. The statement does not reveal when…
Meta Fires Employees and Contractors for Improperly Accessing Users’ Accounts and Selling Them to Hackers
Daniel Kreps reports: Meta, the parent company of Facebook, has fired or disciplined dozens of employees and contractors — including Meta security guards — following an internal probe that revealed they were improperly accessing users’ accounts for reasons including bribery. The Wall Street Journal reports that, for years, the employees and contractors wrongly used Facebook’s internal mechanism for helping password-forgetting…
Updating: Michigan school districts reopen after three-day closure due to ransomware attack
Jonathan Greig reports: Public schools in two Michigan counties are reopening on Thursday after a ransomware attack crippled their ability to function and closed doors to students for three days. All of the public schools in Jackson and Hillsdale counties announced their reopening on Thursday in letters to parents, assuring them that cybersecurity experts, tech officials…