- Iranian cybercriminals have been perpetrating ransomware attacks on victims, using “Dharma Ransomware” and a combination of publicly available hacking tools. They have been mainly targeting companies headquartered in Russia, Japan, China, and India.
- The ransomware, also known as Crysis, has been sold or distributed under a RaaS (ransomware-as-a-service) model since 2016.
- It appeared to researchers that criminals did not have a well-defined plan of action regarding what to do with the networks they had infiltrated. After establishing RDP connections, the hackers determined the tools to be used to move ahead with the attack.
- They used Defender Control and Your Uninstaller to disable the antivirus software already present on the victim’s system.
- Ahona Rudra | September 9, 2020
- Newcastle University is being held to ransom by cyber criminals in an attack which has been disrupting IT systems since the beginning of the month.
- The cyber crime group behind the attack - known as DoppelPaymer - previously leaked documents online relating to Elon Musk's companies SpaceX and Tesla.
- Newcastle University did not respond to Sky News' enquiries about whether it would pay the ransom to protect staff and students' personal data from being leaked online.
- Alexander Martin | September 8, 2020
San Diego Cyber Incident Response Guide
Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.