Windows TCO: Cicada, Planned Parenthood, City of Columbus, and More
-
The Register UK ☛ Cicada ransomware may be a BlackCat/ALPHV rebrand
Cicada shares other characteristics with BlackCat, including how it tries to delete shadow copies that Windows Server can create to create point-in-time replicas of useful files. Deleting those copies could make ransomware recovery harder. The malware manipulates Windows' Volume Snapshot Service (vssadmin) which helps to create the shadow copies, and then it calls on Windows Management Instrumentation (WMI). It also tampers with the "bcdedit" utility in an attempt to prevent victims from recovering encrypted systems.
-
The Register UK ☛ Planned Parenthood scrambles to repair IT after cyber-attack
This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening to leak unless payment is made.
-
Security Week ☛ City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack
Ross, however, immediately contacted local media to provide evidence that the stolen data was, in fact, intact and that it included names, Social Security numbers, and other types of sensitive data. A large amount of information pertained to police officers and crime victims. Advertisement. Scroll to continue reading.
According to the city’s complaint against Ross (PDF), the Rhysida ransomware group posted on the dark web data extracted from backup prosecutor and crime databases, which included information on cases dating back to at least 2015.
-
NPR ☛ Columbus gets restraining order to block cybersecurity expert from releasing data hack information
Goodwolf declined to comment on the restraining order. He said he is looking to hire a lawyer.
Columbus City Attorney Zach Klein said at a press conference on Thursday afternoon the city isn't going after Goodwolf for embarrassing the city. Klein claims the city is trying to stop him from giving out the information to untrustworthy people.
Goodwolf has also been critical of the city in interviews with WOSU.
-
NPR ☛ Columbus gets restraining order to block cybersecurity expert from releasing data hack information | WOSU Public Media
Klein did not say whether Goodwolf's work is what ultimately led the city to discover what was leaked to the dark web. He did not reveal how much the city has been able to find out to date compared to Goodwolf.