What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-11 18:25:55 | Engineering Company Weir Group Discloses Ransomware Hack (lien direct) | Engineering company Weir Group has acknowledged it was the victim of a ransomware attack that will likely affect revenue for the third quarter of the year. | Ransomware Hack | ||
 |
2021-10-11 13:20:23 | How to combat the most prevalent ransomware threats (lien direct) | Over the second quarter of the year, 73% of ransomware detections were related to the REvil/Sodinokibi family, while Darkside attacks expanded to more industries, McAfee says. | Ransomware | ||
 |
2021-10-11 05:18:44 | Pacific City Bank discloses ransomware attack claimed by AvosLocker (lien direct) | Pacific City Bank (PCB), one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. [...] | Ransomware | ||
 |
2021-10-09 07:52:18 | (Déjà vu) Cox Media Group took down broadcasts after a ransomware attack (lien direct) | American media conglomerate Cox Media Group (CMG) was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. The American media conglomerate Cox Media Group (CMG) announced it was hit by a ransomware attack that caused the interruption of the live TV and radio broadcast streams in June […] | Ransomware | ||
|
2021-10-08 17:44:49 | The Week in Ransomware - October 8th 2021 - Making arrrests (lien direct) | This week's big news is the arrests of two ransomware operators in Ukraine responsible for hundreds of attacks targeting organizations worldwide. [...] | Ransomware | ||
|
2021-10-08 15:59:12 | Cox Media Group confirms ransomware attack that took down broadcasts (lien direct) | American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. [...] | Ransomware | ||
|
2021-10-08 11:36:12 | The Netherlands declares war on ransomware operations (lien direct) | The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them. Cyberespionage and sabotage attacks, […] | Ransomware | ||
|
2021-10-08 10:40:49 | Russian orgs heavily targeted by smaller tier ransomware gangs (lien direct) | Even though American and European companies enjoy the lion's share in ransomware attacks launched from Russian ground, companies in the country aren't spared from having to deal with file encryption and double-extortion troubles. [...] | Ransomware | ||
|
2021-10-08 08:36:06 | Attackers Encrypt VMware ESXi Server With Python Ransomware (lien direct) | A recently observed attack employed a Python-based ransomware variant to target an organization's VMware ESXi server and encrypt all virtual disks, Sophos reports. | Ransomware | ||
|
2021-10-08 08:20:41 | Engineering giant Weir Group hit by ransomware attack (lien direct) | Scottish multinational engineering firm Weir Group has disclosed by what it called an "attempted ransomware attack" that led to "significant temporary disruption" in the second half of September. [...] | Ransomware | ||
 |
2021-10-08 06:41:27 | Ransomware Group FIN12 Aggressively Going After Healthcare Targets (lien direct) | An "aggressive" financially motivated threat actor has been identified as linked to a string of RYUK ransomware attacks since October 2018, while maintaining close partnerships with TrickBot-affiliated threat actors and using a publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks.
Cybersecurity firm Mandiant attributed the intrusions to a |
Ransomware Threat | ||
 |
2021-10-08 05:45:58 | Talos Takes Ep. #71 (NCSAM edition): Reflecting on ransomware in 2021 (lien direct) | By Jon Munshaw.
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page.
We are from the first (or last) people to say this, but 2021 is the year of ransomware. It's by far the biggest story...
[[ This is only the beginning! Please visit the blog for the complete entry ]] |
Ransomware | ||
 |
2021-10-08 00:00:00 | Ransomware Survey Review with a CISO Lens (lien direct) | Ransomware is a top of mind concern for organizations, and risk preparedness is a priority for CISOs. Learn about important takeaways from a global ransomware survey and what CISOs should prioritize when protecting against ransomware.
|
Ransomware | ||
 |
2021-10-07 22:00:58 | Ransomware as a Service: Criminal “Entrepreneurs” Evolve Ransomware (lien direct) | Entrepreneurial threat actors are providing “ransomware as a service” – platforms for budding cybercriminals looking to make it in the “industry.” | Ransomware Threat | ||
|
2021-10-07 21:38:17 | FIN12 ransomware gang don\'t implement double extortion to prioritize speed (lien direct) | Researchers detailed the activities of the FIN12 ransomware group that earned million of dollars over the past years. Researchers from Mandiant published a detailed report on the activities of a financially motivated ransomware group tracked as FIN12 that has been active since at least October 2018. The vast majority of FIN12 victims have more than […] | Ransomware | ||
 |
2021-10-07 16:46:24 | S3 Ep53: Apple Pay, giftcards, cybermonth, and ransomware busts [Podcast] (lien direct) | Latest episode - listen now! | Ransomware | ||
|
2021-10-07 16:06:33 | Aggressive Ransomware Group FIN12 Moves Fast, Targets Big Companies (lien direct) | A report published by Mandiant on Thursday details the activities and tools of FIN12, a highly aggressive ransomware group that has likely made a significant amount of money over the past years. | Ransomware | ||
 |
2021-10-07 14:11:17 | Ransom disclosure law would give firms 48 hours to disclose payments to ransomware gangs (lien direct) | Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists. Read more in my article on the Tripwire State of Security blog. | Ransomware | ||
|
2021-10-07 13:53:05 | FIN12 hits healthcare with quick and focused ransomware attacks (lien direct) | While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets. [...] | Ransomware Malware | ||
 |
2021-10-07 13:00:00 | The Real Cost of Ransomware (lien direct) | Ransomware is an expensive cybercrime and getting more so all the time. Payouts have risen massively in the past few years. But while ransomware payment amounts make headlines, the real costs go far beyond what’s paid to the attackers. How Ransomware Works Now Ransomware has always been a problem. But in recent years, attackers have […] | Ransomware | ||
 |
2021-10-07 10:00:04 | Ransomware in the CIS (lien direct) | Statistics on ransomware attacks in the CIS and technical descriptions of Trojans, including BigBobRoss/TheDMR, Crysis/Dharma, Phobos/Eking, Cryakl/CryLock, CryptConsole, Fonix/XINOF, Limbozar/VoidCrypt, Thanos/Hakbit and XMRLocker. | Ransomware | ||
 |
2021-10-07 09:45:00 | Addressing the backup dilemma to ransomware recovery (lien direct) | Pas de details / No more details | Ransomware | ||
 |
2021-10-07 00:01:01 | FIN12: L'acteur prolifique de la menace d'intrusion des ransomwares qui a agressivement poursuivi les objectifs de soins de santé FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets (lien direct) |
Aujourd'hui, Maniant Intelligence publie un rapport complet détaillant FIN12, un acteur de menace agressif et motivé par financièrement derrière des attaques de ransomwares prolifiques depuis au moins octobre 2018. FIN12 est unique parmi de nombreux acteurs axés sur les ransomwares suivis aujourd'hui parce queIls ne s'engagent généralement pas dans l'extorsion aux multiples facettes et ont eu un impact de manière disproportionnée dans le secteur des soins de santé.Ils sont également le premier acteur de FIN que nous faisons la promotion qui se spécialise dans une phase spécifique du déploiement de cyclistes de cycle de vie des attaques - tout en s'appuyant sur d'autres acteurs de menace pour avoir accédé initial aux victimes
Today, Mandiant Intelligence is releasing a comprehensive report detailing FIN12, an aggressive, financially motivated threat actor behind prolific ransomware attacks since at least October 2018. FIN12 is unique among many tracked ransomware-focused actors today because they do not typically engage in multi-faceted extortion and have disproportionately impacted the healthcare sector. They are also the first FIN actor that we are promoting who specializes in a specific phase of the attack lifecycle-ransomware deployment-while relying on other threat actors for gaining initial access to victims |
Ransomware Threat | ★★★ | |
 |
2021-10-06 20:34:28 | VMware ESXi Servers Encrypted by Lightning-Fast Python Script (lien direct) | The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. | Ransomware | ||
|
2021-10-06 18:13:04 | Ransomware Risk Assessment Service Aims to Deflect Attacks (lien direct) | The function of cybersecurity is not to eliminate all attacks and compromises – that's impossible – but to make the attack so expensive and time-consuming on the attacker that he simply moves on to an easier target. That is the purpose of a new product/service designed to make commodity ransomware attacks less easy for the attacker. | Ransomware | ||
|
2021-10-06 13:00:00 | Banking and Finance Data Breaches: Costs, Risks and More To Know (lien direct) | As each year passes, cybersecurity becomes more important for businesses and agencies of every size, in nearly every industry. In 2020, ransomware cases grew by 150%, and every 39 seconds, a new attack is launched somewhere on the web. A data breach also causes rising costs in banking and finance. What Happens in a Banking […] | Ransomware Data Breach | ||
|
2021-10-06 10:33:00 | US lawmakers propose ransomware reporting rules (lien direct) | Pas de details / No more details | Ransomware | ||
 |
2021-10-06 08:48:00 | Atom Silo Uses DLL Side-Loading to Deploy Ransomware (lien direct) | New variant is exploiting Atlassian Confluence vulnerability | Ransomware | ||
|
2021-10-06 04:22:07 | Ransom Disclosure Act would give victims 48 hours to report payments (lien direct) | Victims of ransomware attacks in the United States may soon have to report any payments to hackers within 48 hours, as required by a new legislation proposal titled the 'Ransom Disclosure Act'. [...] | Ransomware | ||
 |
2021-10-06 00:00:00 | Using CRIMZON⢠to assess cybersecurity hazards with an insurance portfolioThe CRIMZON⢠framework allows insurance carriers to gain insights into the hazard of cyber without needing to run external scans.Read More (lien direct) | In recent years, the rise to prominence of cyber risk, both as a peril and as a line of business, has created opportunities and threats to insurance companies in equal measure. Insurance executives, exposure managers and underwriters need now more than ever to understand, quantify and manage their exposures, in order to sustain profitability and to protect their balance sheets. By definition, cyber events occur due to vulnerable technology. It is therefore tempting to conclude that understanding these exposures requires knowing the full map of technologies and service providers an insured relies upon, including the granular details on how data is stored and accessed. The issue with this approach is that while this information is certainly valuable to assess the risk, it is challenging to obtain atscale due to the difficulties that arise from accessing and analyzing the data properly. Help in solving this dilemma is provided by using techniques to analyze the cyber footprint of an insured,mapping the technologies and service providers most exposed to the external world. The premise being that such analysis provides insurers with the same point of view of potential threat actors. It is fair to say this is currently the gold standard of cyber hazard analysis. Insurance carriers with large affirmative cyberbooks rely on external scans for underwriting as well as for portfolio management, often augmenting this data with information provided by the insured, mostly from third-party vendors. A direct relationship with the insured is the best way forward to understand their level of risk, however,itâs disingenuous to assume every stakeholder in the insurance industry is able to access the same level of data. Within the same company, portfolio managers often donât have access to the same level of details as underwriters, and across entities reinsurers rely on their clients passing on data, which requires overcoming hurdles around data confidentiality as well as technical limitations on data volumes.Moreover, external scans are expensive and might not be a viable option when cyber coverage is offered as an endorsement on other lines of business.Assessing hazard insured by insured is therefore not always possible and cannot be expected to be the only way. Kovrr has developed an open framework, CRIMZON, which allows insurance stakeholders to understand hazard without running expensive analysis tools and collecting only a minimum amount of data points. This framework is designed to answer basic questions on cyber risk accumulations and estimates of Probable Maximum Loss (PML). It allows full flexibility around the type of risk analyzed,whether the focus is ransomware or cyber liability, and is consistent and compatible with the catastrophe model methodology deployed in our probabilistic cyber risk quantification solution.âââMr. Hetul Patel, Advisor to Kovrr and Chief Actuary atLiberty Mutual Re said: âCRIMZON⢠are a novel way to address the very real need for better cyber risk aggregation.Recent events have clearly highlighted that cyber loss events canât be managed through the traditional tools that reinsurers currently use. CRIMZON have the potential to create a market standard, similar to the way cresta zones are used for natural catastrophe modelling. The use of which goes beyond aggregate and risk management, and into outward reinsurance purchasing and attracting third party capital.â ââGrouping Companies Together by CRIMZONâ¢Kovrrâs open framework Cyber Risk Accumulation Zones (CRIMZONâ¢) groups companies together based on three characteristics: industry, location and entity size. This framework for grouping is based on research that shows that companies sharing these characteristics tend to share cyber risks. Cyber attacks would then be more likely to spread through companies within the same CRIMZON rather than hitting companies randomly.For example, a cyber attack might b | Ransomware Tool Threat | ★★★ | |
|
2021-10-05 19:00:00 | What Happens to Victims When a Ransomware Gang Vanishes? (lien direct) | Not long after launching a major supply chain attack in July 2021, the REvil ransomware gang went offline. The group’s infrastructure, including its surface and dark web portals used for ransom negotiations and data leaks, shut down on July 12, according to Bleeping Computer. Russian digital crime forum XSS banned Unknown, a user believed to […] | Ransomware | ||
 |
2021-10-05 18:28:00 | Anomali Cyber Watch: New APT ChamelGang, FoggyWeb, VMWare Vulnerability Exploited and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, FoggyWeb, Google Chrome Bugs, Hydra Malware, NOBELIUM and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Google Just Patched These Two Chrome Zero-day Bugs That Are Under Attack Right Now
(published: October 1, 2021)
Google has warned users of Google Chrome to update to version 94.0.4606.71, due to two new zero-days that are currently being exploited in the wild. This marks the second update in a month due to actively exploited zero-day flaws. The first of these common vulnerabilities and exposures (CVEs), CVE-2021-37975, is a high severity flaw in the V8 JavaScript engine, which has been notoriously difficult to protect and could allow attackers to create malware that is resistant to hardware mitigations.
Analyst Comment: Users and organizations are recommended to regularly check for and apply updates to the software applications they use, especially web browsers that are increasingly used for a variety of tasks. Organizations can leverage the capabilities of Anomali Threatstream to rapidly get information about new CVEs that need to be mitigated through their vulnerability management program.
Tags: CVE-2021-37975, CVE-2021-37976, chrome, zero-day
Hydra Malware Targets Customers of Germany's Second Largest Bank
(published: October 1, 2021)
A new campaign leveraging the Hydra banking trojan has been discovered by researchers. The malware containing an Android application impersonates the legitimate application for Germany's largest bank, Commerzbank. While Hydra has been seen for a number of years, this new campaign incorporates many new features, including abuse of the android accessibility features and permissions which give the application the ability to stay running and hidden with basically full administrator privileges over a victim's phone. It appears to be initially spread via a website that imitates the official Commerzbank website. Once installed it can spread via bulk SMS messages to a user's contacts.
Analyst Comment: Applications, particularly banking applications, should only be installed from trusted and verified sources and reviewed for suspicious permissions they request. Similarly, emails and websites should be verified before using.
Tags: Banking and Finance, EU, Hydra, trojan
New APT ChamelGang Targets Russian Energy, Aviation Orgs
(published: October 1, 2021)
A new Advanced Persistent Threat (APT) group dubbed “ChamelGang” has been identified to be targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks. Researchers at Positive Technologies have been tracking the group since March 2017, and have observed that they have attacked targets in 10 countries so far. The group has been able to hi |
Ransomware Malware Tool Vulnerability Threat Guideline | Solardwinds Solardwinds APT 27 | |
|
2021-10-05 16:13:36 | Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers (lien direct) | An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server. Researchers from Sophos were investigating a ransomware attack when discovered that the attackers employed a Python script to encrypt virtual machines hosted on VMware ESXi servers. In the attack investigated by the […] | Ransomware | ||
 |
2021-10-05 16:00:48 | Collaborative Research on the CONTI Ransomware Group (lien direct) | Ransomware remains one of the pre-eminent cyber threats, with the evolution in tactics, techniques and procedures (TTPs) amongst threat actor groups over recent years upping the stakes for both victims and defenders. In addition to Team Cymru's involvement with the Ransomware Task Force, our analysts have also been collaborating over recent months with a [...] | Ransomware Threat | ||
|
2021-10-05 14:37:19 | Qualys Ransomware Risk Assessment service aims to help you thwart potential attacks (lien direct) | Free for the first 60 days, the new service is designed to help you better understand your organization's exposure to ransomware and automate the steps needed to reduce your risk. | Ransomware | ||
|
2021-10-05 13:48:46 | Europol announces two more ransomware busts in Ukraine (lien direct) | "Two in custody," as they say. Cars, cash and cryptocoins nabbed as well. | Ransomware | ||
 |
2021-10-05 13:00:02 | New Python ransomware targets virtual machines, ESXi hypervisors to encrypt disks (lien direct) | By targeting ESXi, encryption was achieved in less than three hours on a corporate network. | Ransomware | ||
 |
2021-10-05 11:50:20 | How Do Initial Access Brokers Enable Ransomware Attacks? (lien direct) |
Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit...
This October marks the 18th iteration of Cybersecurity Awareness Month, formerly called National Cybersecurity Awareness Month (NCSAM). Together with the National Cyber Security Alliance (NCSA), the U.S. Cybersecurity & Infrastructure Security Agency unveiled Do Your Part. #BeCyberSmart as this year's theme. They also named “Be Cyber Smart” as the focus for the week of October 4 (Cybersecurity Awareness Month Week 1). |
Ransomware | ||
|
2021-10-05 10:45:00 | New Python-based ransomware attacks unfold in record time (lien direct) | Pas de details / No more details | Ransomware | ||
|
2021-10-05 10:42:39 | Atom Silo ransomware operators target vulnerable Confluence servers (lien direct) | A weaponized exploit used by the cybercriminals was only disclosed in August. | Ransomware | ||
 |
2021-10-05 09:00:00 | Google Protects Your Accounts – Even When You No Longer Use Them (lien direct) | Posted by Sam Heft-Luthy, Product Manager, Privacy & Data Protection Office What happens to our digital accounts when we stop using them? It's a question we should all ask ourselves, because when we are no longer keeping tabs on what's happening with old accounts, they can become targets for cybercrime.In fact, quite a few recent high-profile breaches targeted inactive accounts. The Colonial Pipeline ransomware attack came through an inactive account that didn't use multifactor authentication, according to a consultant who investigated the incident. And in the case of the recent T-Mobile breach this summer, information from inactive prepaid accounts was accessed through old billing files. Inactive accounts can pose a serious security risk.For Google users, Inactive Account Manager helps with that problem. You can decide when Google should consider your account inactive and whether Google should delete your data or share it with a trusted contact. Here's How it WorksOnce you sign up for Inactive Account Manager, available in My Account settings, you are asked to decide three things:When the account should be considered inactive: You can choose 3, 6, 12 or 18 months of inactivity before Google takes action on your account. Google will notify you a month before the designated time via a message sent to your phone and an email sent to the address you provide.Who to notify and what to share: You can choose up to 10 people for Google to notify once your Google Account becomes inactive (they won't be notified during setup). You can also give them access to some of your data. If you choose to share data with your trusted contacts, the email will include a list of the selected data you wanted to share with them, and a link they can follow to download that data. This can include things like photos, contacts, emails, documents and other data that you specifically choose to share with your trusted contact. You can also choose to set up a Gmail AutoReply, with a custom subject and message explaining that you've ceased using the account.If your inactive Google Account should be deleted: After your account becomes inactive, Google can delete all its content or send it to your designated contacts. If you've decided to allow someone to download your content, they'll be able to do so for 3 months before it gets deleted. If you choose to delete your Google Account, this will include your publicly shared data (for example, your YouTube videos, or blogs on Blogger). You can review the data associated with your account on the Google Dashboard. If you use Gmail with your account, you'll no longer be able to access that email once your account becomes inactive. You'll also be unable to reuse that Gmail username.Setting up an Inactive Account plan is a simple step you can take to protect your data, secure your account in case it becomes inactive, and ensure that your digital legacy is shared with your trusted contacts in case you become unable to access your account. Our Privacy Checkup now reminds you to set up a plan for your account, and we'll send you an occasional reminder about your plan via email.At Google, we are constantly working to keep you safer online. This October, as we celebrate Cybersecurity Awareness Month, we want to remind our users of the security and privacy controls they have at their fingertips. For m | Ransomware | ||
|
2021-10-05 09:00:00 | Ransomware gang encrypts VMware ESXi servers with Python script (lien direct) | Operators of an unknown ransomware gang are using a Python script to encrypt virtual machines hosted on VMware ESXi servers. [...] | Ransomware | ||
 |
2021-10-05 01:37:00 | Coup de filet majeur dans le milieu du ransomware : REvil démantelé ? (lien direct) | Les forces de l'ordre ont arrêté deux individus en Ukraine qui opéraient l'infrastructure d'un important rançongiciel. Il est probable qu'il s'agisse de REvil.  |
Ransomware | ||
|
2021-10-05 00:36:08 | Ransomware Hackers Who Attacked Over 100 Companies Arrested in Ukraine (lien direct) | Law enforcement agencies have announced the arrest of two "prolific ransomware operators" in Ukraine who allegedly conducted a string of targeted attacks against large industrial entities in Europe and North America since at least April 2020, marking the latest step in combating ransomware incidents.
The joint exercise was undertaken on September 28 by officials from the French National |
Ransomware | ||
|
2021-10-04 15:02:17 | Two \'Prolific\' Ransomware Operators Arrested in Ukraine (lien direct) | Two individuals who were allegedly part of a “prolific” ransomware group have been arrested in Ukraine, Europol and Ukraine's Cyber Police announced on Monday. | Ransomware | ||
|
2021-10-04 14:52:00 | Prolific Ransomware Operators Arrested in Joint Law Enforcement Action (lien direct) | The operators arrested were allegedly part of a group known for their extortionate ransom demands | Ransomware | ||
|
2021-10-04 13:48:04 | Pottawatomie County paid the ransom to recover its systems (lien direct) | Pottawatomie County restored operations that were suspended after a ransomware attack hit its systems on September 17, 2021. Officials at Pottawatomie County announced to have fully recovered their IT infrastructure that was hit by a ransomware attack on September 17, 2021. County Administrator Chad Kinsley announced that the county opted to pay the ransomware, they […] | Ransomware | ||
|
2021-10-04 13:13:08 | Two ransomware operators were arrested in Kyiv with EUROPOL\'s support (lien direct) | Two ransomware operators arrested in Kyiv, Ukraine, that are suspected to have attacked more than 100 companies causing more than $150M in damages. A joint international law enforcement operation led to the arrest of the ransomware operators in Kyiv, Ukraine on September 28. The operation was conducted by the Ukrainian National Police, with the support […] | Ransomware | ||
|
2021-10-04 12:33:13 | €70 million ransomware gang busted in Ukraine (lien direct) | Law enforcement agencies may have had a significant victory in the battle against ransomware gangs, following the arrest of two men in Ukraine. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2021-10-04 11:37:56 | Pottawatomie County Fixing Systems After Ransomware Attack (lien direct) | Computer systems are being restored in Pottawatomie County are after hackers launched a ransomware attack on Sept. 17, county officials said Friday. The county resolved the attack by paying less than 10% of the hackers' original demands, County Administrator Chad Kinsley said in a statement. | Ransomware |
To see everything:
Our RSS (filtrered)
