Government Software Supplier Hit By Ransomware

Data Breach Today

Louisiana Government Recovering From Ransomware Attack

Data Breach Today

Governor Describes 'Aggressive' Incident Response Efforts After a ransomware attack on Monday forced Louisiana's government to take several servers and websites offline to prevent the malware from spreading, state officials spent Tuesday restoring online services

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Texas Says 22 Local Government Agencies Hit by Ransomware

Data Breach Today

Single Threat Actor' Suspected; Government Coalition Urges Greater Prevention Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday

Ransomware Increasingly Hits State and Local Governments

Data Breach Today

Yet These Victims Are Less Likely to Pay Any Ransom, Recorded Future Finds Over the past two years, the number of ransomware attacks against state and local government agencies has increased. But at the same time, these victims are paying less to attackers. A new analysis by threat intelligence firm Recorded Future asks: Why the discrepancy

City of Albany Latest Local Government Hit With Ransomware

Data Breach Today

Attack Comes After Others That Targeted Counties Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files. Although the DIR has released few details about the ransomware campaign, they did confirm that it originated from a single “threat actor.”

Ransomware Increasingly Targeting Small Governments

Dark Reading

To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

Government Employees Unprepared for Ransomware

Dark Reading

Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks

Coordinated Ransomware Attack Hits 23 Texas Government Agencies

Threatpost

Researchers say that the targeted ransomware cyberattack on 23 Texas local and state entities represents a shift from "attacks of opportunity" to more targeted, malicious attacks. Government Malware cyberattack malware ransom ransomware state and government ransomware Texas government ransomware

Latest Ransomware Trends: Lessons to Learn

Data Breach Today

Learning From Difficult Recoveries and Advice in Government Alerts As ransomware attacks on the healthcare sector continue to surge, entities should heed the lessons emerging from these incidents as well as the advice provided in alerts from government agencies, security experts say

CERT France – Pysa ransomware is targeting local governments

Security Affairs

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. Operators behind this campaign are spreading a new version of the Mespinoza ransomware (aka Pysa ransomware). pysa file extension that gives the name to this piece ransomware.

What’s Next for Ransomware in 2021?

Threatpost

Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts.

Iranian Hacking Group Suspected of Deploying Ransomware

Data Breach Today

ClearSky: 'MuddyWater' APT Linked to Attacks Targeting Israel, Others A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. “Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline,” Carmakal said. On Monday, Oct.

Researchers Mixed on Sanctions for Ransomware Negotiators

Threatpost

Government Malware evil corp fines penalties ransomware ransomware negotiators Sanctions to pay or not pay treasury departmentFinancial institutions, cyber-insurance firms, and security firms have all been put on notice by the U.S. Department of the Treasury.

Ransomware attack disabled Georgia County Election database

Security Affairs

A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures. The media pointed out that this is the first reported case of a ransomware attack against a system used in the incoming 2020 Presidential election.

Georgia Election Data Hit in Ransomware Attack

Threatpost

With Election Day approaching, local governments need to be prepared for malware attacks on election infrastructure.

Vancouver Metro Disrupted by Egregor Ransomware

Threatpost

Government Hacks IoT Malware Compass cyberattack egregor Encryption kiosks Kmart malware ransom note ransomware ransomware gang Translink Vancouver metro

Experts Warn: Targeted Ransomware Attacks to Surge

Data Breach Today

McAfee and Microsoft Analysts Review 'Ransomware as a Service' Trends Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Data Breach Today

Attacks Target Government Agencies and a Variety of Others The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S.

Ransomware Is Headed Down a Dire Path

WIRED Threat Level

2020 was a great year for ransomware gangs. For hospitals, schools, municipal governments, and everyone else, it’s going to get worse before it gets better. Security Security / Cyberattacks and Hacks

City Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert

Data Breach Today

DoppelPaymer Hit Comes as Ransomware Attacks - and Data-Leaking Shakedowns - Surge The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key

Texas Pummeled by Coordinated Ransomware Attack

Data Breach Today

Cybercrime Campaign Counts 23 Victims - Mostly Local Government Entities State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning. Security experts say attackers continue to pummel local governments, and illicit profits have been rising

Maze Ransomware Gang Allegedly Retires

Adam Levin

The infamous Maze ransomware gang has announced they will cease operations, effective immediately. . The post Maze Ransomware Gang Allegedly Retires appeared first on Adam Levin. Data Security Government health care Featured Data breach featured ransomware maze

Louisiana Calls Out National Guard to Fight Ransomware Surge

Threatpost

Government Malware Cyberattacks emotet government offices kimjongrat louisiana malware municipal targets national guard ransomwareAn investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks.

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected. “Two sources tell us that the ransomware involved is none other than Ryuk. In March, the City of Durham shut down its network after Ryuk Ransomware attack.

At least 23 Texas local governments targeted by coordinated ransomware attacks

Security Affairs

At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. At least 23 local government organizations were impacted by the ransomware attacks, the Department of Information Resources (DIR) is currently investigating them and providing supports to mitigate the attacks.

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. 20 warned against the dangers of phishing-based cyberattacks, less than three days prior to their (apparently phishing-based) Sodinokibi ransomware infestation. Ransomware rEvil Sodinokibi Synoptek

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

K-Electric, Pakistan’s largest private power company, did not pay the ransom and the Netwalker ransomware operators have leaked the stolen data. The news of the incident was first reported by BleepingComputer which was informed by the ransomware researcher Ransom Leaks.

Canon publicly confirms August ransomware attack and data breach

Security Affairs

Canon finally confirmed that it has suffered a ransomware attack in early August that resulted in the theft of data from its servers. Canon has finally confirmed that it was the victim of a ransomware attack in early August and that the threat actors also stole data from its servers.

Ransomware infected systems at state government of Louisiana

Security Affairs

Another ransomware attack made the headlines, the victim is the state government of Louisiana, numerous services have been impacted. The state government of Louisiana was hit by a ransomware attack that affected multiple state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportion and Development. A few days later, Lake City also agreed to pay nearly $500,000 in ransom after a ransomware attack.

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. “Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems.”

Hackers Release Student Data Following Ransomware Attack

Adam Levin

Ransomware operators have released the personal data of students in the Clark County School District in Nevada after officials refused to pay to have their files decrypted. The FBI strongly discourages paying ransom in response to ransomware attacks.

CISA Warns Government Agencies of Increasing Emotet Attacks

Adam Levin

Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. Since then, government agencies in the U.S.,

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. The news of the incident was first reported by BleepingComputer which was informed by the ransomware researcher Ransom Leaks.

Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans

Threatpost

Critical Infrastructure Featured Government Hacks Malware Vulnerabilities Web Security back to school clark county coronavirus COVID-19 cyberattack delay education first day of school hartford hrtford Las Vegas Phishing Public Schools ransomware remote learning school system zoom Zoom-bombing

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. and foreign government organizations. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. and foreign government organizations.

Analysis: The Latest Ransomware Targets

Data Breach Today

The latest edition of the ISMG Security Report discusses the recent ransomware attacks on the city of New Orleans as well as other units of local government and schools. Also featured: discussion on security issues for IoT and legacy medical devices

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. VCPI) was hit by the Ryuk ransomware strain.