Florida City Sees Lasting Effects of Ransomware Attack
Nearly three weeks after the City of Jupiter, Florida, suffered a
ransomware attack that took many of its internal systems offline,
the city has yet to return to normal. City officials announced
they would be working to rebuild their systems from backups, rather than paying
any ransom, and were able to get their main website up and running again, along
with many essential services. The timing of the attack couldn’t have been
worse, as most of the City’s staff were under lockdown and unable to access compromised
machines in a quick and safe manner.
Hackers Breach San Francisco International Airport
Late last month, Russia-based hackers attempted to breach
the internal networks of San Francisco International Airport
using a simple injection script to obtain
employee credentials. By forcing the use of the SMB file-sharing protocol, the
hackers could quickly grab the usernames and hashed passwords, which would then
allow them to deploy any number of malicious payloads or access extremely
sensitive information. Shortly after the attack was detected and subsequently ended,
the IT staff issued a forced password reset for all staff in hopes of
minimizing any further damage.
Critical Exploits Patched by Microsoft
Microsoft patched three zero-day exploits that could allow remote code execution,
privilege escalation, and even the creation of new accounts with full OS permissions. Two of the
patched flaws related to the Adobe Type Manager Library and were functional on
multiple Windows® operating systems, but performed different tasks based on the
environment in which they were deployed.
DDoS Suspect Arrested in Netherlands
Two Dutch government websites that were created to
distribute information related to the COVID-19 pandemic fell victim to a DDoS
attack for several hours. Dutch authorities, who have been heavily involved
in many cybersecurity operations, have arrested at least one suspect and shut
down 15 sites offering DDoS services. Hopefully, the shutdowns will help reduce
the number of these types of attacks going forward.
RagnarLocker Takes Down Portuguese Energy
One of the largest energy providers in Europe, Energias
de Portugal (EDP), became the victim of a ransomware attack that used the
RagnarLocker variant. In exchange for the estimated 10TB of data stolen during
the attack, attackers demanded a ransom of $10.9m to be paid in cryptocurrency.
The authors behind RagnarLocker have already begun posting segments of the
stolen data to their main website, along with the promise to release the rest
and make their entire client list aware of the breach, if the ransom isn’t met.
The post Cyber News Rundown: Ransomware Wrecks Florida City appeared first on Webroot Blog.