Category: ransomware

Daily news paper ‘The Philadelphia Inquirer’ has been apparently hit by a cyber attack of ran-somware attack and it is unclear when the systems are likely to be restored. As of now, the IT staff of the news publisher based in Philadelphia have confirmed the news that the disruption of its systems is due to a cyber-attack that hasn’t been seen by them in the publisher’s history of 28 years. However, they are yet to confirm the news that it was caused due to the file encrypt-ing malware.

Sources reporting to Cybersecurity Insiders state that the incident took place in the early hours of Saturday and so prevented the complete publishing of the Sunday’s news printing.

Lisa Hughes the head publisher said that the time frame of restoration is yet to be known and the staff are busy restoring the content-management system as of now. Official statement is out that the staff of Inquirer will not be allowed to enter the office till Tuesday and the decision can be extended if things go out of control.

Previously, a similar publishing disruption took place due to a massive blizzard that stalled the staff’s operations for a couple of days in the year 1996. Now, the news coverage has been mas-sively hit on a digital note affecting mayoral election news coverage that was scheduled to take place from Tuesday. However, some senior journalists will be allowed to access the news room on the election night and a separate set-up for the publishing has been arranged.

FBI and other law enforcement agencies has been pressed into the service to investigate and file a report about the incident to the government.

Disruption of Media, utility and transportation services have been tagged as somber issues by the Biden led government. And if any state funded actor is found behind the incident, then the white house is ready to issue retaliation orders where the perpetrator will be brought and prose-cuted as per US laws, either virtually or physically……. though its tough to implement such laws outside United States.

NOTE- The online version of Inquirer.com is being updated normally as new stories are being updated on hourly basis.

The post Philadelphia Inquirer possibly hit by ransomware attack appeared first on Cybersecurity Insiders.

Micro-Star International—aka MSI—had its UEFI signing key stolen last month.

This raises the possibility that the leaked key could push out updates that would infect a computer’s most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn’t have an automated patching process the way Dell, HP, and many larger hardware makers do. Consequently, MSI doesn’t provide the same kind of key revocation capabilities.

Delivering a signed payload isn’t as easy as all that. “Gaining the kind of control required to compromise a software build system is generally a non-trivial event that requires a great deal of skill and possibly some luck.” But it just got a whole lot easier.

ABB Group that is into the business field of offering Automation Technology was reportedly hit by Black Basta Ransomware attack. The Swiss based multinational company said that the attack hits its business operations and has been contained. However, some of the core factory functions have been stalled until the malware encryption is removed.

Information is out that the attack was identified on May 7th,2023 and Black Basta, the crime group identified in April 2022 by the law enforcement was linked to the attack.

Black Basta is a ransomware as a service group that is into the theme of launching double ex-tortion attacks. Where the hacker first steals data from the company servers and then encrypts it until a ransom is paid. If the victim fails to pay the ransom, then the data is released into the dark web causing an embarrassment to the company among the competitors.

Moreover, if the information is leaked into the web, customers of the victimized company start to distrust the services offered by the firm, thus causing monetary loss to the firm on a long-term note.

Abb Group is been discussed to be aware of the consequences and so has already a business continuity plan in place to cater to the operational needs for the time being or until its security officers mitigate the risks to the core.

NOTE: Some hacking groups like LockBit convince the victim until a ransom is paid and thereafter leak their siphoned data to the web. Meaning, they do not stand by their words of re-turning the data after a ransom is paid……so, it’s better we all be aware of this fact!

The post Black Basta Ransomware attack on ABB Group LTD appeared first on Cybersecurity Insiders.

Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden. Plus don't miss our featured interview with Outpost24's John Stock.

Australia’s HWL Ebsworth law firm has issued a statement stating that its servers have been hacked and the personal data of its clients and some employees were accessed and siphoned by criminals.

The Blackcat ransomware gang posted a statement on its website reiterating the same, stating that they had siphoned approximately 4TB of company data, including employee CVs, ID card details, financial reports, account information, client documentation, credit card information, and a blueprint containing the network map of the entire HWL Ebsworth computer network.

Blackcat, also known as ALPHV, is one of the three ransomware gangs that seems to focus on large organizations operating in Australia. According to the analysis conducted by Palo Alto Networks, the notorious group has started targeting businesses that operate in nations supporting Ukraine in its war with Russia, and this was reaffirmed by another cybersecurity firm named SOPHOS.

Security researchers from Sophos added in their statement that the gang of criminals was infiltrating networks by exploiting vulnerabilities created from unpatched software and firewalls. It immediately issued an alert to businesses to raise their defense line as per the needs of the current cyber landscape and can take the help of its experts in doing so.

Medibank, LJ Hooker, and Optus were among the other companies targeted by the ALPHV ransomware group. Therefore, the government led by Anthony Albanese warned all organizations in November last year to bolster their cybersecurity infrastructure before it was too late.

Blackcat usually demands a ransom of over $5 million on average, but HWL Ebsworth is not in the mood to entertain any such demands as it has an efficient data continuity plan in place.

The post BlackCat Ransomware group breaches Australia HWL Ebsworth law firm servers appeared first on Cybersecurity Insiders.

Students and teachers at the Minneapolis Public School (MPS) District, which suffered a huge ransomware attack< at the end of February, have had highly sensitive information about themselves published on the web, including allegations of abuse by teachers and psychological reports. Read more in my article on the Hot for Security blog.