LockBit Ransomware Demands $80 Million from CDW Technology Giant
Sirius Federal servers of the CDW technology service provider have fallen victim to the LockBit ransomware, which has left them in a digital stranglehold. In a bold move, the cybercriminals are demanding a hefty sum of $80 million to liberate the compromised systems from the clutches of this malicious software. Shockingly, reports reveal that CDW’s staff has offered a mere $1 million in exchange for a decryption key. However, the perpetrators appear resolute in their pursuit of pure profit, refusing to entertain any negotiations. The incident has prompted the launch of a forensic investigation, and the public eagerly awaits further developments on this front.
Kansas Court Systems Resort to Pen and Paper Amid Suspected Ransomware Attack
In a puzzling turn of events, court systems across Kansas, including those in Sedgwick County, have been forced to resort to pen and paper for several weeks. This comes as a suspected ransomware attack cripples the digital infrastructure of the legal system. Although Kansas Judge Phil Journey has acknowledged the disruption, it is yet to be officially labeled as a cyber-attack, as the matter remains under investigation. Court services will continue operating on Mondays as usual, but the efficiency of digital analysis and case processing may be compromised, with some online submissions possibly facing delays.
Colonial Pipeline Faces Ransomware Rumors, Denies Disruption
Recent rumors circulating on various telegram channels suggest that Colonial Pipeline fell victim to a ransomware group last Wednesday, resulting in operational disruptions. However, Colonial Pipeline issued a statement on Saturday vehemently denying any service interruptions, branding the claims by the Ransomed.vc gang as false. In an attempt to substantiate their assertions, the Ransomed group released some data, purportedly siphoned from an Excel file. Nevertheless, the data appears to be archived and of little to no value.
“Cuba Ransomware” Gang Targets Women Leaders in the EU
An intriguing development comes to light, as a criminal group known as Void Rabisu, also referred to by aliases UNC2596, Tropical Scorpius, and Storm-0978, singles out women leaders within the European Union’s military and political circles. This Cuba ransomware-linked gang is launching a series of attack campaigns designed to distribute an updated version of the RomCom RAT, named PEAPOD malware. This malware exhibits the capability to collect intelligence, transform into ransomware, and wipe data when necessary. Cybersecurity firm Trend Micro has uncovered that this attack campaign exclusively targets women political leaders who support Ukraine in its conflict with Russia and maintain ties to North Korean intelligence for data exchange.
Progress Software Users Urged to Patch Vulnerabilities
Security teams from Sophos are urging companies that utilize Progress Software to promptly patch their WS_FTP servers with the latest updates. Ransomware-spreading gangs, including Reichsadler Cybercrime Group, have shifted their focus to exploit these vulnerabilities. Reichsadler Cybercrime Group has been observed deploying ransomware payloads derived from the LockBit source code on computer networks linked to the healthcare industry. Vigilance and swift action are imperative to prevent potential security breaches.
