The Week in Ransomware - January 31st 2020 - Taking it to The Courts January 31, 2020 https://www.bleepingcomputer.com/ne...re-january-31st-2020-taking-it-to-the-courts/
London Offshore Consultants suffers ransomware attack January 31, 2020 https://splash247.com/london-offshore-consultants-suffers-ransomware-attack/
"Maryland poised to criminalize ransomware possession A bill proposed by Maryland lawmakers to criminalize ransomware possession looks set to pass a year after a costly cyber-attack hit the state’s biggest city. The creation and distribution of malware for criminal purposes is illegal under current US legislation, however, merely possessing malware or ransomware is not. This new state bill, proposed...on January 13, would criminalize ransomware ownership with intent to cause harm..." https://portswigger.net/daily-swig/maryland-poised-to-criminalize-ransomware-possession
Maze Ransomware Hits Law Firms and French Giant Bouygues February 3, 2020 https://www.infosecurity-magazine.com/news/maze-ransomware-law-firms-french/
Ransomware knocks city of Racine offline February 3, 2020 https://www.scmagazine.com/home/security-news/ransomware/ransomware-knocks-racine-city-offline/
New ransomware with ‘.SaveTheQueen’ extension discovered by Varonis February 4, 2020 https://www.information-age.com/new-ransomware-savethequeen-extension-discovered-varonis-123487551/ Varonis: A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware
Today there was a symposium by the university UM. The UM and Fox-IT told more about it. The symposium was only for guests but there was a live-stream: https://www.maastrichtuniversity.nl/um-cyber-attack-symposium-–-livestream (I assume you can later play it back, but I'm not sure about that). I don't know whether there are already English articles available; maybe they come later. Lots of Dutch sites have articles, in Dutch: https://nos.nl/artikel/2321732-hack...-maanden-in-netwerk-200-000-euro-betaald.html https://www.nu.nl/tech/6028600/univ...ijna-2-ton-losgeld-na-digitale-gijzeling.html https://www.security.nl/posting/642...esmet via phishingmail en verouderde software This evening Frank Groenewegen, security-expert at Fox-IT, will be on Dutch TV, Nieuwsuur: https://nos.nl/nieuwsuur/artikel/2321700-de-uitzending-van-5-februari.html In short, what happened according to the above articles: It all started already on 15 and 16 October 2019 with phishingmails, pointing to malicious document. There were two servers with unpatched OS. On 21 November the whole network was compromised: 267 servers and 2 workstations. The hacker needed to use a certain software to roll out the ransomware further. That was detected by a AV. The hacker then de-installed that AV. On 23 December the ransomware was rolled out. Backups were also encrypted. The UM paid about 197.000 euro (30 bitcoin). I hope that there will be later better articles in English than I gave here in this short summary.
Mailto (NetWalker) Ransomware Targets Enterprise Networks February 5, 2020 https://www.bleepingcomputer.com/ne...alker-ransomware-targets-enterprise-networks/
Tracker SA's systems hacked February 2, 2020 https://www.dispatchlive.co.za/news/2020-02-02-tracker-sas-systems-hacked/
Tracker hack hints at more ransomware attacks in South Africa February 5, 2020 https://www.itweb.co.za/content/LPp6VMr4YxNvDKQz/pXnWJadMba7bjO1e
Some more info, mostly in Dutch: The livestream of the symposium (in Dutch) can be replayed back later. There is a big report from Fox-IT (in Dutch). https://www.maastrichtuniversity.nl/um-cyber-attack-symposium-–-lessons-learnt Fox-IT report in Dutch in .pdf format : https://www.maastrichtuniversity.nl/file/foxitrapportreactieuniversiteitmaastrichtpdf (BTW: I wonder whether they didn't forget the dot before the pdf extension in that link there) The Observant has already an article in Dutch: https://www.observantonline.nl/Home...-grote-morele-bezwaren-tegen-betaling-losgeld They are saying (at the moment) on their English version that more info will come later: https://www.observantonline.nl/Engl.../17954/Paid-ransom-confirmed-during-symposium
Ransomware suspected after CUNA, a credit union lobbyist, knocked offline February 5, 2020 https://techcrunch.com/2020/02/05/cuna-ransomware-offline/
About that ransomware and the UM : That article in English is in the meanwhile ready: https://www.observantonline.nl/Engl...reat-moral-objections-against-paying-a-ransom
Ransomware Exploits GIGABYTE Driver to Kill AV Processes February 6, 2020 https://www.bleepingcomputer.com/ne...xploits-gigabyte-driver-to-kill-av-processes/ Sophos: Living off another land: Ransomware borrows vulnerable driver to remove security software
Ryuk ransomware used to attack Volusia library computers, records show February 6, 2020 https://www.news-journalonline.com/...ware-used-to-attack-volusia-library-computers
Allegheny Intermediate Unit investigates malware attack, avoids ransom payment February 6, 2020 https://triblive.com/local/pittsbur...tigates-malware-attack-avoids-ransom-payment/
Translink systems "crippled" by hackers 'holding firm to ransom' It is understood a virus has infected the firm's intranet February 7, 2020 https://www.belfastlive.co.uk/news/belfast-news/translink-systems-crippled-hackers-holding-17704725
The Week in Ransomware - February 7th 2020 - Exploiting Drivers February 7, 2020 https://www.bleepingcomputer.com/ne...somware-february-7th-2020-exploiting-drivers/
North Miami Beach Affected By Cyber Attack February 7, 2020 https://miami.cbslocal.com/2020/02/07/north-miami-beach-affected-by-cyber-attack/
Toll transport hack leaves customers demanding answers on parcel delivery delays https://www.abc.net.au/news/2020-02...es-customers-and-deliveries-in-limbo/11949036
Ransomware cripples Havre Public Schools computer system February 10, 2020 https://www.missoulacurrent.com/business/2020/02/ransomware-havre-schools/
Ragnar Locker Ransomware Targets MSP Enterprise Support Tools February 10, 2020 https://www.bleepingcomputer.com/ne...somware-targets-msp-enterprise-support-tools/
Report: The cost of ransomware in 2020. A country-by-country analysis https://blog.emsisoft.com/en/35583/...omware-in-2020-a-country-by-country-analysis/
Nacogdoches ISD consults city of Garrison after recent ransomware attack February 12, 2020 https://www.ktre.com/2020/02/12/nac...city-garrison-after-recent-ransomware-attack/
Ransomware meets sextortion: this ransomware demands explicit pics to unlock your data https://blog.emsisoft.com/en/35679/...re-demands-explicit-pics-to-unlock-your-data/