Daily NCSC-FI news followup 2019-12-28

U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility

www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/ The systems encrypted by Ryuk Ransomware directly impacted the facility’s “entire corporate IT network (beyond the footprint of the facility)” [emphasis ours] and physical access and camera control systems, and it also led to “loss of critical process control monitoring systems.”

Ransomware Hits Maastricht University, All Systems Taken Down

www.bleepingcomputer.com/news/security/ransomware-hits-maastricht-university-all-systems-taken-down/ Maastricht University (UM) announced that almost all of its Windows systems have been encrypted by ransomware following a cyber-attack that took place on Monday, December 23. UM is a university from the Netherlands with over 18,000 students, 4,400 employees, and 70,000 alumni.

Ransomware at IT Services Provider Synoptek

krebsonsecurity.com/2019/12/ransomware-at-it-services-provider-synoptek/ Synoptek, a California-based cloud hosting and IT management services provider, suffered a ransomware attack this week that has disrupted operations for many of its clients. Two sources who work at the company have now confirmed their employer was hit by Sodinokibi, a potent ransomware strain also known as rEvil.

Ransomware Situation Goes From Bad to Worse

www.darkreading.com/attacks-breaches/ransomware-situation-goes-from-bad-to-worse/d/d-id/1336664 The surge in ransomware attacks on cities, municipalities, schools, and healthcare organizations this year is just a foretaste of what is likely to come in 2020. Threat actors have sensed a very real opportunity to make big returns attacking enterprise organizations using ransomware and are refining their tools and techniques to increase their chances for success, say worried security experts.

30 years of ransomware: How one bizarre attack laid the foundations for the malware taking over the world

www.zdnet.com/article/30-years-of-ransomware-how-one-bizarre-attack-laid-the-foundations-for-the-malware-taking-over-the-world/ In December 1989 the world was introduced to the first ever ransomware – – and 30 years later ransomware attacks are now at crisis levels.

Leveraging Disk Imaging Tools to Deliver RATs

www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/leveraging-disk-imaging-tools-to-deliver-rats/ This year we observed a notable uptick in disc imaging software (like .ISO) being used as a container for serving malware via email, with .ISO archives attributing to 6% of all malware attachment archives seen this year.

Ring and Amazon get slammed with a federal lawsuit that claims the companies failed to secure cameras against hackers

www.businessinsider.com/ring-amazon-sued-federal-court-security-hacking-2fa-2019-12 The lawsuit alleges that, as a manufacturer of security products, Ring failed to meet its “most basic obligation by not ensuring its Wi-Fi enabled cameras were protected against cyber-attack.”
