With schools worldwide back in session, ransomware operations are barraging them with cyberattacks that disrupt the start of the school year.
Over the past few weeks, we have seen a steady barrage of attacks against K-12 schools, colleges, and universities where ransomware operators target exposed remote desktop servers and network devices’ vulnerabilities.
To warn education institutions of these attacks, the U.K. National Cyber Security Centre (NCSC) has offered guidance on the steps organizations should perform to harden their defenses.
There have also been disastrous consequences to the attackers on universities, as one attacks thought they encrypted a university, but instead hit an affiliated hospital.
This mistake led to a disruption of emergency care services, which may have caused a patient’s death who had a life-threatening condition.
Thx to this week’s contributors: @LawrenceAbrams, @VK_Intel, @FourOctets, @malwrhunterteam, @jorntvdw, @struppigel, @DanielGallagher, @PolarToffee, @serghei, @fwosar, @malwareforme, @demonslay335, @Seifreed, @Ionut_Ilascu, @NCSC, @SophosLabs, @threatresearch, @AltShiftPrtScn, @Ax_Sharma, @TU_CARE, @Kangxiaopao, @emsisoft, @MarceloRivero, @JakubKroustek, @JAMESWT_MHT, @fbgwls245, and @GrujaRS.
Also Read: Do Not Call Registry Penalty: Important Tips to Consider
Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening.
Xiaopao found new Xorist Ransomware variant that append the .BD extension.
Xiaopao found new Dharma Ransomware variant that append the .chuk extension.
Emsisoft has released a decryptor for the Crypt32 ransomware.
Marcelo Rivero found a new Dharma Ransomware variant that appends the .AHP extension to encrypted files.
Emsisoft has released a decryptor for the Cyborg ransomware that supports the .petra, .EncryptedFilePayToGetBack, .Cyborg1, and .LockIt extensions.
Michael Gillespie found a new Nefilim variant that appends the .MEFILIN extension and drops a ransom note named MEFILIN-README.txt.
Michael Gillespie found a new STOP variant that appends the .npph extension to encrypted files.
Also Read: 5 Brief Concepts Between Data Protection Directive vs GDPR
Michael Gillespie found a new ransomware called Zeoticus 2.0 that appends the extension “[email protected]” and drops a ransom note named README.html.
JAMESWT found the new Demonware python ransomware.
GrujaRS found a new PewPew Ransomware that appends the .abkir extension and wipes files.
University Hospital New Jersey (UHNJ) has suffered a massive 48,000 document data breach after a ransomware operation leaked their stolen data.
The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom.
Jakub Kroustek found a new variant of the Dharma ransomware that appends the .TEREN extension.
Michael Gillespie found a new Xorist Ransomware variant that appends the .YOURPCISHACK16024752552658 extension to encrypted files.
dnwls0719 found a new DesuCrypt variant that calls itself DogeCrypt and appends the .DogeCrypt extension.
The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine.
A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack.
Xiaopao found new Xorist variant that append the .TAKAextension.
Xiaopao found new BlackHeart variant that .Alix1011RVA extension and drops a ransom note named ReadME-Alix1011RVA.
Xiaopao found a new Dharma ransomware variant that appends the .lina extension to encrypted files.
MalwareHunterTeam found a new ransomware that targets Vietnam.
The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware incidents targeting educational institutions, urging them to follow the recently updated recommendations for mitigating malware attacks.
IPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry has suffered a ransomware attack that is disrupting their operations.
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
