Linda Smith, Rajat Wason, and Syed Zaidi of Sophos write: In May 2022, an automotive supplier was hit with three separate ransomware attacks. All three threat actors abused the same misconfiguration – a firewall rule exposing Remote Desktop Protocol (RDP) on a management server – but used different ransomware strains and tactics. The first ransomware…
Search Results for: ransomware
German school hit by ransomware
inFranken reports (machine translation): The computer systems of the Simon-Marius-Gymnasium in Gunzenhausen were temporarily unavailable last week. The reason for this was a cyber attack. The district office of Weißenburg-Gunzenhausen provided information about this in a press release on Tuesday (09/08/2022). The search for those responsible is now beginning. “This resulted in the deletion of…
SCOOP: ista International takes systems offline in wake of ransomware attack; Daixin Team claims thousands of servers encrypted
ista International GmbH is a multinational company that manages data and processes that make buildings climate-friendly, safe and comfortable. As they describe themselves: We see the future of our success in the Internet of Things (IoT). Very soon billions of devices will talk directly to each other. This communication will largely take place in and…
Louisiana Public Facilities Authority (LPFA) victim of ransomware attack
The following notification was first published on July 18 as a legal notice: 00110404 PUBLISH 07/18/22 – 09/02/22 Notice of Data Breach On or about February 26, 2022, the Louisiana Public Facilities Authority (LPFA) was the target of a ransomware attack by unknown persons. Our investigation indicates the attack may have gone on over a…
Leaked image shows ransomware attack hit Linn-Mar School District
Adam Carros and Ethan Stein report: Leaked screenshots show the Linn-Mar School District is dealing with a ransomware attack much more severe than the “technical difficulties” the district has described to staff and parents. A staff member shared with TV9 screenshots from district computers showing a warning message stating “all your files have been encrypted…
New GwisinLocker ransomware encrypts Windows and Linux ESXi servers
This site generally doesn’t cover or announce new types of ransomware, but this one targets the healthcare sector, so…. Bill Toulas reports: A new ransomware family called ‘GwisinLocker’ targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. The new malware is…