The Department of Homeland Security CISA is warning critical infrastructure operators to redouble their security efforts after a natural gas compression facility was hit and shut down by a ransomware attack. The attackers used a spearphishing email containing a link to gain access to the operator’s network and then moved laterally to the target’s operational…
A school district and city in the same geographically area in Texas were each hit with ransomware this week with the city of Garrison making a quick recovery, however, the Nacogdoches Independent School District (NISD) is still struggling. School district officials said the attack struck on February 11 forcing IT admins to shut down the…
Two schools, two ransomware attack and two different outcomes. The Allegheny Intermediate Unit school system was able to fend off a recent ransomware attack using back up files, meanwhile the University of Maastricht just disclosed it paid 30 bitcoins to regain control of its encrypted computer network. Allegheny Intermediate Unit (AIU), a regional public education…
A newly discovered attack campaign has been abusing the online storage platform Bitbucket to maintain and update a wide assortment of malware, in a plot to infect computer users who download free, cracked versions of commercial software from the internet. Researchers at Cybereason’s Nocturnus team, who uncovered the threat, estimate that more than 500,000 machines…
A new threat intelligence report has underscored the serious threat posed by the recently discovered Snake ransomware, which not only encrypts files, but can disrupt certain industrial controls systems processes. ICS security firm Dragos issued the blog post report yesterday after initially sharing it privately with its clientele back in mid-January. Dragos refers to ransomware…
At least five law firms have been hit and held hostage by the Maze ransomware group in the last four days with these attacks being part of a wider campaign possibly affecting between 45 and 180 total victims in January. Maze is using a somewhat unique tactic with its latest victims. Instead of simply placing…
The city of Racine, Wis., was hit with a ransomware attack January 31 that knocked most of its non-emergency computer services offline. The Wisconsin-city’s website, email system and online payment collection systems were still down as of February 3 and the city police are unable to processes fee payments or provide copies of police and…
A Ryuk ransomware attack against U.S. Department of Defense contractor Electronic Warfare Associates (EWA) has reportedly affected the electronics company’s web server, making several of its websites in accessible. According to a ZDNet report, the attack took place last week and impacted the websites for the EWA Government Systems Inc., a subsidiary that sells electronic…
On the heels of a Ryuk ransomware attack on the Tampa Bay Times, researchers reported a new variant of the Ryuk stealer being aimed at government, financial and law enforcement targets. The Times attack didn’t result in a breach, noted David Ruiz, 0f Malwarebytes Labs, who cited the Times Publishing Company Chief Digital Officer Conan…
Citrix over the last six days has been releasing firmware updates to fix CVE-2019-19781, a critical remote code execution vulnerability in its Citrix Application Delivery Controller, Citrix Gateway and SD-WAN WANOP products, which cybercriminals have actively exploited in an attempt to deliver ransomware, backdoors and coin miners. The Fort Lauderdale, Fla.-based software company has now…
