The FBI and its international partners infiltrated Hive's operation in July last year. 3/
Follow
Click to Follow BrettCallow
Brett Callow
@BrettCallow
Shawnigan Lake 
Joined June 2009
Joined June 2009Brett Callow’s Tweets
Hive was responsible for this attack. 2/
1
Show this thread
"Two more class action lawsuits have been filed over the ransomware attack and data breach at Knox College that happened late last year." #Hive #Ransomware Via 1/
1
3
Show this thread
Check out this new job from
- remote US
- contract to FTE
- FTE medical benefits & 4 day work week
- lead a team running some of the biggest #bugbounty programs in the world
- email careers@Lutasecurity.com with questions or to apply
23
24
The Dutch police announced on Friday that they dismantled the Exclu encrypted communications platform after hacking into the service to monitor the activities of criminal organizations. <- Via
1
1
Ransomwhere has compiled a list of > 1,700 ransomware payment addresses used in the ESXi Nevada ransomware attacks, sourced from Censys and Shodan data.
2 payments worth $58k have been made so far. We will keep this updated.
2
20
28
Show this thread
The year is 2033. There are no more snow days because there is no more in-school education due to extreme weather and societal meltdown making it to too dangerous to go outdoors, but there are still #ransomware days.
GIF
read image description
ALT
1
7
Additional info. re: this very bizarre incident.
theregister.com/2023/02/06/sch
Quote Tweet
San Benito CISD - which had data stolen by #Karakurt last year - auctioned >3.5k devices in July, some of which contained employees’ and students’ PI. The district wants to buy the devices back, but doesn’t want to pay the asking price. #shitshow 1/2
govtech.com/education/k-12
Show this thread
#Royal has listed ICS. According to the company's website, it is "actively supporting the U.S. Department of Defense, the Cyber and Intelligence Community, multiple Federal and Civilian agencies, Mass Transit authorities, the Healthcare IT market ...." #ransomware
4
3
At least 7 districts with 205 schools between them have been impacted by ransomware already this year. Stats for 2022 in the link. 2/
1
Show this thread
>19k students of Berkley County Schools get a #ransomware day (probably ransomware, anyway.) Via with a h/t to 1/
1
1
Show this thread
This a yearly reminder to all the ransomware threat actors wanting to quit or screw over a former partner or rival group. You can reach me anonymously via XMPP at fabian.wosar@anonym.im or via Tox at 4544D87C884D6FAA11A91BAB190F98B2DDBC7547D94B0CCBC5ABE0FFD4CAE65D2A071A6EABB1.
1
8
33
Out of the 426 addresses listed here, it appears that there is only one with a balance (0.5 BTC, ~$11,700).
So far, the scale of disruption and destruction likely outweighs any financial gain for the threat actor.
Quote Tweet
I extracted the bitcoin wallet addresses from the affected ESXi ( 315 indexed by shodan at the moment of pulling them) feel free to PR and add new ones.
github.com/soufianetahiri
Show this thread
1
3
4
Tango down! #Balloon
Quote Tweet
I’m selling rapid-deploy, relocatable countersurveillance devices starting at 1 BTC. Image is for illustration purposes only and may not be an exact representation of the actual product #Balloon
2
Quote Tweet
I’m selling rapid-deploy, relocatable countersurveillance devices starting at 1 BTC. Image is for illustration purposes only and may not be an exact representation of the actual product #Balloon
2
Show this thread
"No evidence."
4
14
Hackers who breached ION say ransom paid; company declines comment.
2
3
In case anybody is interested, I still have a few of these left. Okay, okay, I have all of them left - but so what?
Quote Tweet
I’m selling rapid-deploy, relocatable countersurveillance devices starting at 1 BTC. Image is for illustration purposes only and may not be an exact representation of the actual product #Balloon
Multiple Wayne County police agencies were targeted on Friday in a #ransomware attack but were able to thwart a data breach thanks to quick actions.
🚨 Right now, at least 115 VMware ESXi servers (and counting) are compromised with this aggressive #Ransomware campaign. Beware!!! 👇
beta.shodan.io/search?query=h
/cc
Quote Tweet
A tous : Si vous utilisez ESXi 6.x, mettez à jour IMMÉDIATEMENT, un cryptolock est en train de se propager à toute vitesse !
If you're using ESXi 6.x, update IMMEDIATELY, a cryptolock is rolling out fast!Show this thread
15
217
448
Show this thread
Canon would pay up to $7.5k for monetary losses and $300 for out-of-pocket expenses to each victim of an August 2020 data breach that compromised the personal information of employees and their beneficiaries, under a proposed deal filed in federal court.
2
22
32
Show this thread
The FTC has imposed a fine of $1,500,000 on GoodRx Holdings for failing to report they were disclosing sensitive consumer health information to Google, Facebook, Criteo, Branch, Twilio, and other companies.
2
IKOULA is reporting their clients are experiencing semi-automated ransomware attacks targeting ESXi versions 6.5 and 6.7.
Speculation: CVE-2021–21974
Intel via &
Quote Tweet
Ransomware alert :
We have noticed that some client servers under OS ESXi (6.5 and 6.7) are victims of a Ransomware. 
We recommend you to check your servers, to filter the access on your firewall and to disable SSH access.9
38
92
Show this thread
#LockBit has listed Beth Rivkah Schools. So far this year - and we're only a little over a month in - six district with 174 schools between them have been impacted by #ransomware. At least three of the six had data stolen. 1/
1
10
6
Show this thread
A major hospital system in northern Florida said Friday it is diverting some emergency room patients and canceling surgeries after a security problem with information technology. #ransomware
1
1
This can't be stressed enough: employees should not be blamed for being phished. This professor's comment shows a profound .... oh, I'll just leave it at that.
Quote Tweet
Blame the phished employee? Utter bollocks. Security should be planned around the fact that humans make mistakes. If anybody is to be blamed, it's DCAD for failing to implement MFA (which could have prevented the incident.) 2/
Show this thread
3
7
Blame the phished employee? Utter bollocks. Security should be planned around the fact that humans make mistakes. If anybody is to be blamed, it's DCAD for failing to implement MFA (which could have prevented the incident.) 2/
3
38
100
Show this thread
TL;DR it paid $170k. Only two US local governments are known to have paid ransoms last year - but, as the details of this payment has only just been made public, there may well be more. #ransomware Via 1/
1
9
18
Show this thread
Tallahassee Memorial hospital is current dealing with a suspected ransomware attack. 3/
Quote Tweet
TMH is redirecting EMS patients due to a suspected #ransomware attack. <- Via @PeterSchorschFL 1/
floridapolitics.com/archives/58568
Show this thread
1
1
Show this thread
This is an excellent, and extremely disturbing, overview of the impact of the #ransomware attack on Ireland's public health system. The impact of attacks on health outcomes is an issue that receives too little attention. Kudos to 1/
bloomberg.com/news/features/
2
25
28
Show this thread
“We should stop pretending that there is no harm to human life from cyber attacks.” 3/
theverge.com/2021/8/19/2263
1
Show this thread
This is the 2nd incident involving a US hospital this year. In 2022, 25 health systems operating 290 hospitals were hit by ransomware. 2/
1
2
Show this thread